[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Straw Poll and Alignment

To: "C. Harald Koch" <chk@utcc.utoronto.ca>
Subject: Re: Straw Poll and Alignment
From: "Theodore Y. Ts'o" <tytso@MIT.EDU>
Date: Thu, 13 Feb 1997 17:30:43 -0500
Address: 1 Amherst St., Cambridge, MA 02139
Cc: adams@cisco.com, ipsec@tis.com, rja@inet.org
In-Reply-To: C. Harald Koch's message of Thu, 13 Feb 1997 16:39:06 -0500,<199702132139.QAA28429@rafael.rnd.border.com>
Phone: (617) 253-8091
Sender: owner-ipsec@ex.tis.com

   From: "C. Harald Koch" <chk@utcc.utoronto.ca>
   Date: Thu, 13 Feb 1997 16:39:06 -0500

   In message <01BC19B1.72DCA5A0@Tastid.Cisco.COM>, Rob Adams writes:
   >
   > I don't understand our insistance on linking the size of the 
   > fields with alignment of the header.

   Ok, maybe I'm over-reacting. I just think it's foolish to throw away
   information (the extra 32-bits of MAC) only to replace it with padding.
   OTOH, I admit that doing so does make MD5 and SHA-1 processing identical,
   which again simplifies code, which is the object of this whole process...

   >  Hugo et al. believe that it is more secure to truncate SHA.   

   I think that's a bit strong. I read their messages as "it doesn't detract
   from the security, and it *may* increase the security".

No, what Hugo said is that for MAC's it's *good* to truncate the hash,
because by throwing away information, you are *denying* that information
to an attacker, who might use that information against you.  There are
more ways to attack a crypto algorythms than just brute force attacks!

						- Ted

References:

Re: Straw Poll and Alignment

From: "C. Harald Koch" <chk@utcc.utoronto.ca>

Prev by Date: Re: Straw Poll and Alignment
Next by Date: Re: test vectors for HMAC-SHA-1 - Test Data and Bad News
Prev by thread: Re: Straw Poll and Alignment
Next by thread: Quick Mode and KE payloads
Index(es):
- Main
- Thread