[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Straw Poll and Alignment
From: "C. Harald Koch" <chk@utcc.utoronto.ca>
Date: Thu, 13 Feb 1997 16:39:06 -0500
In message <01BC19B1.72DCA5A0@Tastid.Cisco.COM>, Rob Adams writes:
>
> I don't understand our insistance on linking the size of the
> fields with alignment of the header.
Ok, maybe I'm over-reacting. I just think it's foolish to throw away
information (the extra 32-bits of MAC) only to replace it with padding.
OTOH, I admit that doing so does make MD5 and SHA-1 processing identical,
which again simplifies code, which is the object of this whole process...
> Hugo et al. believe that it is more secure to truncate SHA.
I think that's a bit strong. I read their messages as "it doesn't detract
from the security, and it *may* increase the security".
No, what Hugo said is that for MAC's it's *good* to truncate the hash,
because by throwing away information, you are *denying* that information
to an attacker, who might use that information against you. There are
more ways to attack a crypto algorythms than just brute force attacks!
- Ted
References: