[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Keyed-MD5, ITAR, and HTTP-NG

To: Rich Salz <[email protected]>, [email protected]
Subject: Re: Keyed-MD5, ITAR, and HTTP-NG
From: [email protected]
Date: Mon, 30 Oct 95 23:27:36 -0500
Cc: [email protected]
In-Reply-To: Your message of "Mon, 30 Oct 95 22:30:06 EST." <[email protected]>
Sender: [email protected]


>For example, it's probably a real bad idea to replace DES with something
>commonly called RC4.  The former has been under public scrutiny for years,
>the later still has not formally emerged from the shroud of trade secret.
>The keyed MD5 responses also don't inspire confidence.

I disagree. Basically Simon simply has to stick in some parameters so that
the crypto alg can change with time. There should be slots for the following 
algs :-

Symmetric cipher	IDEA, RC4, 3DES
Keyed Digest		KD* (paper to follow, there are 7 to chose from).

Key exchange		Diffie-Helleman, El Gammal, RSA
Signature		RSA, El Gammal, Rabin (Shamir variation), DSS
Hash functions		MD5, SHA

I don't think that we are intending to tap Simons skill in designing 
ciphers. We have Ron Rivest and Taher El Gamal for that, plus help from
Adi Shamir and if we get stuck I'll bang on some other doors. I really don't 
think we have a problem lacking cryptographers. Simon is putting in security 
input which is different. We have an equally star studded cast for that side of 
things (and if we get stuck I'll e-mail some more characters).

	Phill

Follow-Ups:
- Re: Keyed-MD5, ITAR, and HTTP-NG
  - From: John Lull <[email protected]>
- Re: Keyed-MD5, ITAR, and HTTP-NG
  - From: [email protected]

References:
- Re: Keyed-MD5, ITAR, and HTTP-NG
  - From: Rich Salz <[email protected]>

Prev by Date: Re: Cuban Security Conference
Next by Date: Copy Protection Schemes
Prev by thread: Re: Keyed-MD5, ITAR, and HTTP-NG
Next by thread: Re: Keyed-MD5, ITAR, and HTTP-NG
Index(es):
- Date
- Thread