Stuart,
The DES MAC fails several tests of a good hash function. Most
importantly, commonly accepted definitions for hash functions require
that an originator not be able to construct two messages which have the
same hash value. DES MAC clearly fails this test. Also, it is
desirable that a hash function be fast to compute. With hash
functions such as MD5 and the SHS, the DES MAC cannot be considered
fast.
While one could alleviate the vulnerabilities of DES MAC for
use with symmetric key management, by changing the token structure, we
could not use DES MAC to provide a basis for non-repudiation when using
asymmetric management. This would require differentiating the
security services provided when DES MAC was used, vs. true hash
functions. It hardly seems worthwhile at this point to introduce that
complexity, given the availability of good hash functions.
Steve
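
The point about an originator constructing two messages with the same value, as an added example that is not part of the original message: whoever holds the key of a CBC-style block-cipher MAC can decrypt the tag and solve for a final block. It assumes "DES MAC" means CBC-MAC with a zero IV, and it uses a small hash-based Feistel cipher as a stand-in for DES (the Python standard library has no DES); all names and sample values are constructed.

```python
import hashlib

BLOCK = 8  # 64-bit block, the same width as DES

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key: bytes, rnd: int, half: bytes) -> bytes:
    # Round function of the stand-in Feistel cipher (an assumption, not DES).
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:4]

def encrypt_block(key: bytes, block: bytes) -> bytes:
    left, right = block[:4], block[4:]
    for rnd in range(4):
        left, right = right, _xor(left, _f(key, rnd, right))
    return left + right

def decrypt_block(key: bytes, block: bytes) -> bytes:
    left, right = block[:4], block[4:]
    for rnd in reversed(range(4)):
        left, right = _xor(right, _f(key, rnd, left)), left
    return left + right

def cbc_mac(key: bytes, msg: bytes) -> bytes:
    # Zero IV, no padding: msg must be a non-empty multiple of BLOCK.
    if not msg or len(msg) % BLOCK:
        raise ValueError("message must be a non-empty multiple of 8 bytes")
    state = bytes(BLOCK)
    for i in range(0, len(msg), BLOCK):
        state = encrypt_block(key, _xor(state, msg[i:i + BLOCK]))
    return state

def second_message(key: bytes, target: bytes, prefix: bytes) -> bytes:
    # The key holder picks any prefix, then solves for the one final block
    # that steers the chain to `target`: E(chain ^ final) == target.
    chain = cbc_mac(key, prefix)
    return prefix + _xor(decrypt_block(key, target), chain)

# Constructed sample values.
KEY = b"constructed demo key"
ORIGINAL = b"first message, 24 bytes."
PREFIX = b"second message.."

if __name__ == "__main__":
    tag = cbc_mac(KEY, ORIGINAL)
    other = second_message(KEY, tag, PREFIX)
    print(tag.hex(), cbc_mac(KEY, other).hex(), other != ORIGINAL)
```

The same algebra holds for any invertible block cipher, which is why a keyed MAC of this kind cannot stand in for a collision-resistant hash when the signer knows the key.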