[cryptography] MD5 in MACs in SSL

Ralph Holz holz at net.in.tum.de
Tue Sep 13 19:16:38 EDT 2011


Hi,

I'm wondering about the use of MD5 in SSL MACs. We see that quite often
here. What is your take on it?

Given that SSL includes replay protection for its session keys, it does
not seem to give an attacker any useful time window, but am I missing
something maybe?

Ralph

-- 
Dipl.-Inform. Ralph Holz
I8: Network Architectures and Services
Technische Universität München
http://www.net.in.tum.de/de/mitarbeiter/holz/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: OpenPGP digital signature
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20110914/23bad5ca/attachment.asc>


More information about the cryptography mailing list