>b) Add even more explanatory text so that the reader has it clear that we are >not attempting to completely >secure something here, and acknowledge fully that there are weaknesses in our >algorithm. (The Wikipedia page >for HMAC gives a pretty good description of the comparison and attacks.) > >c) Attempt to argue that it's good enough as it is, and that's how we want it.
Since, as we all know, this is an argument about the thickness of a steel door that is securing a cardboard box, my preference is for C. If they're adamant, B would be OK. This is kind of an unusual application for hashing, since the goal is to leak some information. Many measures that make sense in secure environments, notably key rotation, would be counterproductive here. Also, it doesn't even have to be a hash. If I kept a database of mail recipients, and used the record number in the database, that would work just as well. R's, John _______________________________________________ marf mailing list [email protected] https://www.ietf.org/mailman/listinfo/marf
