I-D ACTION:draft-krawczyk-keyed-md5-01.txt
Ref: Your note of Thu, 28 Dec 95 05:06:58 GMT (attached)
Bill,
> I finally had time to read the draft, and I find it unconvincing.
The draft was intended to describe the function and to give some minimal
background. For a full rationale you'll have to read the paper which will be
available in two weeks.
>
> It has several inaccuracies, some unsubstantiated claims, and has
> insufficient detail to understand why the proposed double hash is any
> more robust than the current technique in the face of a weakness of the
> compression function of MD5 (or anything else).
Please point out to me any inaccuracies you found so I can correct/clarify in
future versions.
If by "unsubstantiated claims" you mean the missing mathematical analysis, that's
fine. As I said, the draft is not intended to convey that information.
However, excluding the pure technical details I have provided much of the
information on the function's rationale during my presentation in Dallas
and a note to this list that I sent before Dallas.
I will send a copy of that note to you personally in case you missed it.
Hugo
PS: As for the general mathematical theory behind this type of function, you
can read the BCK1 reference in the draft, which can be retrieved from the
Web as I have already pointed out in the past.