[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: (mobile-ip) MD5 Key recovery attack

To: ietf-radius@livingston.com
Subject: Re: (mobile-ip) MD5 Key recovery attack
From: dpkemp@missi.ncsc.mil (David P. Kemp)
Date: Tue, 13 Feb 1996 14:04:12 -0500
Cc: ipsec@ans.net
Reply-To: ipsec@ans.net
Sender: ipsec-owner@ans.net

Yesterday, I wrote:

> Netscape's SSL Version 3 (ftp://ftp.netscape.com/pub/review/ssl-spec.tar.Z)
> has adopted the Krawczyk MAC using both MD5 and SHA.  Also, a very
> influential vendor consortium recently switched from using MD5 to SHA
> because, despite the increased size of its hash value, SHA is
> computationally faster than MD5.

Several prominent experts have pointed out that the SHA is NOT faster
than MD5.  I have not yet been able to get clarification from the source
of the above information - I may have misinterpreted what he said, or
it may apply only in special circumstances.

In any case, it is clear that on general purpose computers such as those
that might be expected to host a RADIUS server, MD5 is faster than SHA.
Sorry for the mis-information.

   Dave Kemp

Prev by Date: Re: ADMIN: Straw Poll Results on Key Mgmt
Next by Date: Re: ICMP messages
Prev by thread: Re: ICMP messages
Next by thread: Straw Poll and Photuris
Index(es):
- Main
- Thread