[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

quick survey on MD5 & SHA-1




I'm trying to figure out where folks stand on the matter of which
cryptographic hash function the IPsec WG should be using as its
default, mandatory-to-implement function.

At the LA IETF, there was a very clear consensus that the HMAC technique
described by Hugo should be the standard technique used with cryptographi
hash functions in the IPsec context.

The paper from the German Information Security Agency indicated a partial
cryptanalysis, not a full cryptanalysis, of ordinary MD5.  Reportedly,
that work does not apply to the HMAC technique of using MD5.  So there
is no known cryptanalysis of MD5 at present, though probably less confidence
in MD5 than before.

The main alternative to MD5 would be SHA-1 since MD4 is known to be less
strong than MD5.  Also, neither MD4, MD5, nor SHA-1 have patent problems.

Will active members of the WG who have a strong opinion about which
cryptographic hash function should be the default mandatory-to-implement
algorithm please send an email note to me <rja@cisco.com> and to Paul Lambert
<palamber@us.oracle.com> and indicate your preference and reasoning
so we can figure out where folks stand on this question.

Thanks,

Ran
rja@cisco.com