<< | Thread Index | >> ]    [ << | Date Index | >> ]

To: cipe-l,AT,inka,DOT,de
Subject: Re: Simple steps to improve CIPE security
From: Allan Latham <alatham,AT,flexsys-group,DOT,com>
Date: Tue, 30 Sep 2003 18:04:10 +0200
In-reply-to: <200309301700.11829.ml-cipe@studentenwerk.mhn.de>
References: <E1A2bsS-00033q-00@bigred.inka.de> <200309301521.48890.alatham@flexsys-group.com> <200309301700.11829.ml-cipe@studentenwerk.mhn.de>

Hi Wolfgang

thank you for this input. I will research it some more before coming to a 
final opinion on MD5. It can wait a little while.

Can anyone add to this please?

MfG

Allan

On Tuesday 30 September 2003 17:00, Wolfgang Walter wrote:
> Am Dienstag, 30. September 2003 15:21 schrieb Allan Latham:
> > Hi all
> >
> > MD5 is mature and well researched. Perfect it isn't, but I think we can
> > say that the likelyhood is that gross errors which would limit its
> > usefulness in our application do not exist in it.
> >
> > This is not the case of hash127. Until this has been scrutinized by those
> > much cleverer than me I would prefer to leave it alone.
> >
> > It will not be possible to use a keyed hash without new key material -
> > using the static or dynamic key is not safe. That in turn means
> > modifications to the KX mechanism which I would want to avoid at this
> > stage.
> >
> > Best regards
> >
> > Allan
>
> Strongly universal hash functions are well researched. They have been
> developped already in late 70th by Carter and Wegman. They are hash
> functions with certain mathematical properties which can be proofed.
> Bernsteins proofs this for his hash127 function.
>
> Their security (for authentication and integrity) then is unconditional.
> That says its cryptographic security only depends on the
> pseudo-random-generator used, i.e. if you use AES: The MAC is
> cryptographically broken if and only if AES is broken. If AES is broken you
> can still use hash127 but with another cypher as pseudo-random-generator.
>
> Greetings,


<< | Thread Index | >> ]    [ << | Date Index | >> ]