
Re: IPsec mandatory authentication algorithms



In message <199710070713.DAA15269@relay.hq.tis.com>, Karen Seo writes:
> Folks,
> 
> There's an inconsistency between the AH and ESP specs and the DOI.

If I remember correctly, the original reason for mandating MD5 was backwards
compatibility with previous implementations. However, with the sequence
number field and the new 96-bit truncated digests, we've *completely* broken
backwards compatibility; the requirement is gone.

The cryptographic community appears to have declared MD5 anywhere from
suspect to compromised, depending on their level of paranoia.

Therefore, I'd recommend making HMAC with SHA-1 *mandatory*, and possibly
even specify that it should be preferred when negotiating.

Whether or not HMAC with MD5 is also mandatory is less important to me... :-)

-- 
C. Harald Koch     <chk@utcc.utoronto.ca>


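The 96-bit truncated HMAC that the message refers to, worked through as an added example (this is not code from the post or from any IPsec implementation): the ICV is the first 12 bytes of the full HMAC, the sequence number sits inside the authenticated data, and the verifier compares only those 12 bytes. The packet layout (SPI, sequence number, payload, ICV) is a simplified stand-in for the real AH/ESP coverage and is an assumption of this example.

```python
import hashlib
import hmac
import struct

ICV_LEN = 12  # 96-bit truncated integrity check value
ALGS = {"hmac-md5-96": hashlib.md5, "hmac-sha1-96": hashlib.sha1}


def full_mac(alg: str, key: bytes, data: bytes) -> bytes:
    """Untruncated HMAC (128 bits for MD5, 160 bits for SHA-1)."""
    return hmac.new(key, data, ALGS[alg]).digest()


def icv(alg: str, key: bytes, data: bytes) -> bytes:
    """HMAC-*-96: keep only the leading 96 bits of the full HMAC."""
    return full_mac(alg, key, data)[:ICV_LEN]


def build_auth_data(spi: int, seq: int, payload: bytes) -> bytes:
    """Assumed simplified layout: SPI, 32-bit sequence number, payload.
    Real AH/ESP also cover immutable IP header fields or the ESP trailer."""
    return struct.pack("!II", spi, seq) + payload


def protect(alg: str, key: bytes, spi: int, seq: int, payload: bytes) -> bytes:
    """Sender side: authenticated data followed by the truncated ICV."""
    data = build_auth_data(spi, seq, payload)
    return data + icv(alg, key, data)


def verify(alg: str, key: bytes, packet: bytes) -> bool:
    """Receiver side: recompute the 96-bit ICV and compare in constant time.
    Because the sequence number is authenticated, altering it invalidates
    the ICV (the anti-replay window check itself is not shown here)."""
    if len(packet) < 8 + ICV_LEN:
        return False
    data, tag = packet[:-ICV_LEN], packet[-ICV_LEN:]
    return hmac.compare_digest(icv(alg, key, data), tag)


if __name__ == "__main__":
    key = b"\x0b" * 20  # constructed sample key
    pkt = protect("hmac-sha1-96", key, 0x100, 1, b"constructed payload")
    print("valid:", verify("hmac-sha1-96", key, pkt))
    tampered = pkt[:4] + b"\x00\x00\x00\x02" + pkt[8:]  # bump seq 1 -> 2
    print("tampered seq valid:", verify("hmac-sha1-96", key, tampered))
```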