[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

MACs based on hash

To: Bart.Preneel@esat.kuleuven.ac.be, ipsec@ans.net
Subject: MACs based on hash
From: hugo@watson.ibm.com
Date: Sun, 3 Mar 96 23:31:14 EST
MMDF-Warning: Parse error in original version of preceding line at neptune.TIS.COM
Sender: ipsec-request@neptune.tis.com

Ref:  Your note of Mon, 4 Mar 1996 00:43:27 +0100 (attached)

Bart Preneel writes:

> In view of all of this, for all of you who want to use any of these
> constructions based on MD5, I recommend to be very careful and take the
> most conservative one you can afford.

Agreed. Given that this group has decided to go with an MD5-based MAC,
we got to be careful and cautious.
This is the exact reason why we came up with HMAC and propose it as a
default MAC for AH: it is (among all studied candidates) the one scheme
to require the least assumptions on MD5 in order for the resultant
MAC to be secure (yet it requires no performance degradation or changes
to MD5).

Hugo

Prev by Date: MACs based on hash
Next by Date: IPsec transforms
Prev by thread: MACs based on hash
Next by thread: IPsec transforms
Index(es):
- Main
- Thread