Nicolas Williams writes:
> I don't recommend using MD5 for this, nor SHA-1. It's not just the
> recent breaks, but also the benefit of avoiding having to justify the
> use of obsolete hash functions to whoever.
MD5 is fine for a purpose like this. Heck, even CRC-32 likely would
work acceptably well.
All we care about is having a reasonably low probability of a hash
collision for ESSID+BSSID combinations that the user chooses when
connecting to secured APs.
The "risk" of a collision is nil. In fact, we have them today, and on
some networks they happen somewhat frequently. If you can't come up
with a unique ID, then you end up reusing an old one.
The risk is no different from setting the wrong WEP or WPA key. You
don't expose anything ("secobj" doesn't appear on the wire and has
nothing whatsoever to do with how the protocol works) in the process.
It's merely an internal file name.
Don't go overboard. Please don't. Just generate a truncated hash by
the most convenient means possible and drive on.
--
James Carlson, Solaris Networking <[EMAIL PROTECTED]>
Sun Microsystems / 35 Network Drive 71.232W Vox +1 781 442 2084
MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677
_______________________________________________
networking-discuss mailing list
[email protected]
