[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: (IMPORTANT) Call for AH-MD5 and ESP-DES to move forward

To: hugo@watson.ibm.com
Subject: Re: (IMPORTANT) Call for AH-MD5 and ESP-DES to move forward
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 29 Feb 1996 16:09:19 -0500
Cc: ipsec@TIS.COM, rja@cisco.com, PALAMBER@us.oracle.com
In-Reply-To: Your message of "Thu, 29 Feb 1996 13:49:30 EST." <199602291926.OAA24213@relay.tis.com>
Reply-To: perry@piermont.com
Sender: ipsec-request@neptune.tis.com

hugo@watson.ibm.com writes:
> Ref:  Your note of Mon, 26 Feb 96 20:34:35 GMT (attached)
> 
> I suggest NOT moving forward RFC1828.
> 
> Let's replace that transform by the keyed-MD5 transform
> of Bellare, Canetti and Krawczyk,
> as described in draft-krawczyk-keyed-md5-01.txt.
> (This function is now named HMAC).

I have no problem with the idea of ultimately advancing the HMAC
transform to standard, especially after it has been out for a good
while and there has been additional opportunity for cryptographers to
attack it, but I disagree with the words "replace". As Paul's survey
reveals, many implementations currently implement 1828. Let us instead
speak of requiring this new superior transform rather than of
"replacing" the old one, which would imply, for example, that
identifiers for 1828 in key management protocols would have to point
at HMAC instead, which would result in interoperability problems.

Perry

References:

(IMPORTANT) Call for AH-MD5 and ESP-DES to move forward

From: hugo@watson.ibm.com

Prev by Date: (IMPORTANT) Call for AH-MD5 and ESP-DES to move forward
Next by Date: (IMPORTANT) Call for AH-MD5 and ESP-DES to move forward
Prev by thread: (IMPORTANT) Call for AH-MD5 and ESP-DES to move forward
Next by thread: (IMPORTANT) Call for AH-MD5 and ESP-DES to move forward
Index(es):
- Main
- Thread