Christian Huitema wrote:
Thanks, with that hint I finally found the HTML version:
With a somewhat unusual password I wouldn't know how an
You would not, but the gentle folks writing the cracking tool
Certainly I don't know where to rent the zombie for 10 cents:
Next slide, yes, CRAM-MD5 is *not* designed for that attack.
Adding a prose version of your slides 3..6 and 13 to the
security considerations of a 2195bis could improve it. Do I
miss a clue, or has DIGEST-MD5 essentially the same issue ?
Note that this is not related to potential weaknesses in MD5.
Right, add 20% to your costs to get SHA-1, etc. How did you
calculate this, how long have the rented bots to crack a given
observed C/R ?
Ietf mailing list