Andrew Maslar asked:
>I'm toying around with various protocols for key exchange, and I wonder,
>if an attacker intercepted the result of the following operation:
>md5(x) + md5(x + y + z)
>Could s/he compute y?
[knowing x and z]

At 10:57 PM 12/27/98 -0800, Bill Stewart wrote:
>If y is a wimpy password, it's pretty easy ("wimpy" being a highly
>precise definition, of course :-).
[... definition snipped]
>So you still, and always, need good passwords, even if you've got
>salt to help you.

Not always. Many stronger key exchange protocols tolerate wimpy
passwords, plain or salted, with minimal risk of network attack.

But in *this* protocol, Bill is right. Ordinary use of MD5 or HMAC
just doesn't do it.

-------------------------
David P. Jablon
Integrity Sciences, Inc.
[EMAIL PROTECTED]
<http://world.std.com/~dpj/>
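
Added example, not part of the original message: a sketch of why the intercepted value in this thread lets every guess at y be checked offline when x and z are known, so the safety of y rests entirely on its entropy. It assumes "+" means byte concatenation; the function names, the values of x and z, and the word list are all constructed for illustration.

```python
import hashlib

def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()

def transmitted(x: bytes, y: bytes, z: bytes) -> str:
    """Value on the wire: md5(x) + md5(x + y + z).
    Assumption: '+' in the post is concatenation."""
    return md5_hex(x) + md5_hex(x + y + z)

def guess_matches(intercepted: str, x: bytes, z: bytes, guess: bytes) -> bool:
    """A guess is confirmed by recomputing the second digest locally.
    No interaction with either party is needed, so nothing rate-limits it."""
    second_digest = intercepted[32:]  # first 32 hex chars are md5(x), already public
    return md5_hex(x + guess + z) == second_digest

def first_match(intercepted: str, x: bytes, z: bytes, candidates):
    """Return the first candidate consistent with the intercepted value, else None."""
    for candidate in candidates:
        if guess_matches(intercepted, x, z, candidate):
            return candidate
    return None

# Constructed sample values (not from the thread).
X = b"alice"
Z = b"nonce-19981227"
WORDLIST = [b"password", b"letmein", b"sunshine", b"qwerty"]
WEAK_Y = b"sunshine"                                           # low-entropy password
STRONG_Y = bytes.fromhex("9f2c4e7a1b3d5f60718293a4b5c6d7e8")   # 128-bit random secret

if __name__ == "__main__":
    for label, y in (("weak", WEAK_Y), ("strong", STRONG_Y)):
        wire = transmitted(X, y, Z)
        found = first_match(wire, X, Z, WORDLIST)
        print(f"{label:6s} y: confirmed offline guess = {found!r}")
```
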