
RE: Remove little-used algorithms from IKEv2
On Thu, 14 Mar 2002, Hallam-Baker, Phillip wrote:
> MD5 and SHA are pretty close and share the same internal structure so I
> don't think we can really justify MD5 as a fallback to SHA-1, particularly
> in the light of the Dobbertin results.

Remember that the Dobbertin results appear to be inapplicable to HMAC-MD5,
serious though they are for plain MD5.

One consideration that matters to some people is that MD5 was not designed
by the NSA.  (Saying that this shouldn't matter to them won't make it so.)

This is one place where even FreeS/WAN, which generally is big on "one good
solution, not a choice among ten", offers both.

                                                          Henry Spencer
                                                       henry@spsystems.net
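The distinction Henry draws above (collision results against the bare MD5 compression function versus the keyed HMAC-MD5 construction) rests on how HMAC wraps the hash. The following added example, not part of the original thread and not FreeS/WAN code, builds HMAC-MD5 from the bare hash exactly as RFC 2104 specifies, checks it against the Python standard library's `hmac` module and an RFC 2202 test vector, and shows that the tag is bound to both the secret key and the message. Sample keys and messages are constructed here; the key and message names are placeholders.

```python
import hashlib
import hmac

BLOCK_SIZE = 64  # MD5 and SHA-1 both process 512-bit (64-byte) blocks


def hmac_md5(key: bytes, message: bytes) -> bytes:
    """HMAC-MD5 per RFC 2104: MD5((K ^ opad) || MD5((K ^ ipad) || message)).

    The secret key is XORed into the first block of both the inner and the
    outer hash, so an attacker never sees a hash whose input starts with
    known data, which is what a plain-MD5 collision search assumes.
    """
    # Keys longer than one block are hashed down first, then zero-padded.
    if len(key) > BLOCK_SIZE:
        key = hashlib.md5(key).digest()
    key = key.ljust(BLOCK_SIZE, b"\x00")

    inner_key = bytes(b ^ 0x36 for b in key)  # ipad
    outer_key = bytes(b ^ 0x5C for b in key)  # opad

    inner_digest = hashlib.md5(inner_key + message).digest()
    return hashlib.md5(outer_key + inner_digest).digest()


def matches_stdlib(key: bytes, message: bytes) -> bool:
    """Cross-check the hand-built construction against the standard library."""
    reference = hmac.new(key, message, hashlib.md5).digest()
    return hmac_md5(key, message) == reference


def verify_tag(key: bytes, message: bytes, tag: bytes) -> bool:
    """Verify a received tag; compare_digest avoids timing side channels."""
    return hmac.compare_digest(hmac_md5(key, message), tag)


if __name__ == "__main__":
    # Constructed sample values (placeholders, not from any real exchange).
    shared_key = b"example-shared-secret"
    payload = b"ISAKMP payload bytes go here"

    tag = hmac_md5(shared_key, payload)
    print("tag:", tag.hex())
    print("stdlib agrees:", matches_stdlib(shared_key, payload))
    print("good tag verifies:", verify_tag(shared_key, payload, tag))
    print("wrong key rejected:", not verify_tag(b"other-key", payload, tag))
    print("modified payload rejected:",
          not verify_tag(shared_key, payload + b"!", tag))
```

The inner and outer keyed blocks are the reason a collision in the unkeyed compression function does not translate directly into a forged tag: the attacker has to produce a collision starting from a chaining state that depends on the secret key, which is not what the Dobbertin results give. Whether that margin is comfortable is exactly what the thread is arguing about; the construction itself is unchanged since RFC 2104.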