[cryptography] MD5 in MACs in SSL
sneves at dei.uc.pt
Tue Sep 13 19:46:58 EDT 2011
On 13-09-2011 16:16, Ralph Holz wrote:
> I'm wondering about the use of MD5 in SSL MACs. We see that quite often
> here. What is your take on it?
> Given that SSL includes replay protection for its session keys, it does
> not seem to give an attacker any useful time window, but am I missing
> something maybe?
MACs (read: HMAC) tend to rely on the hash function's second preimage
resistance; collision resistance is not a very big deal. MD5 should be
fine, although not recommended.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cryptography