dkim-ops
[Top] [All Lists]

Re: [dkim-ops] DKIM - ATPS

2010-09-24 13:57:11
A number of people have pointed out that MD5 is a weak hash subject to 
collisions.  While true for general crypto operations, I'm still not convinced 
that one could find two DNS-valid domains that collide; collisions are 
possible, to be sure, but a collision with "example.com" is likely to contain 
at least one character that's not a valid DNS character, making the collision 
space even smaller than it already is.

Doug also pointed out that my performance data were wrong or at least outdated; 
I had found some tests that showed MD5 was 4x faster than SHA1, but that's 
actually not the case, at least not these days.

But perhaps the easiest way to solve this debate was pointed out by Barry: The 
IESG would be unlikely to support a protocol with even light security 
implications that uses MD5 without a lot of research into why it's the best 
choice over other algorithms.  So that's that. :)

So I'll switch ATPS to what TPA did and use SHA1+base32, which constrains the 
encoding to 32 bytes just like MD5 and isn't that much more expensive but is 
definitely more palatable.


_______________________________________________
dkim-ops mailing list
dkim-ops(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/dkim-ops

<Prev in Thread] Current Thread [Next in Thread>