On 13-09-2011 16:16, Ralph Holz wrote: > Hi, > > I'm wondering about the use of MD5 in SSL MACs. We see that quite often > here. What is your take on it? > > Given that SSL includes replay protection for its session keys, it does > not seem to give an attacker any useful time window, but am I missing > something maybe? > > Ralph
MACs (read: HMAC) tend to rely on the hash function's second preimage resistance; collision resistance is not a very big deal. MD5 should be fine, although not recommended. Samuel Neves
_______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography