spf-discuss
[Top] [All Lists]

Re: Re: ESMTPA vs. ESMTPS

2005-08-16 15:03:40

On Tue, 16 Aug 2005, Frank Ellermann wrote:

william(at)elan.net wrote:

SMTP with TLS with self-signed certificate will do fine and
much better then CRAM-MD5

Point.  OTOH this is not more KISS (in other words I never
tried hard to understand it, let alone implement it in REXX)

<ot>
Its been 10 years since I did anything with REXX (that's how its been
since I converted my Maximus based BBS into unix Tycho based BBS and after setting up rexx interprter for unix got amazed that some extra features/doors I wrote still worked...
(...me wonders how many are on this list who understood what I wrote...)
</ot>

<http://purl.net/xyzzy/src/md5.cmd> (REXX MD5 stuff)
How about sha256.cmd?

AFAIK SHA-1 is not really better than MD5, it's only longer.

In cryptography world longer generally means better. Consider public keys for example, i.e. 1024bit vs 384bit keys

And SHA-256 is again longer.  I watch the "hash WG"

Its BoF and it may not become a WG. I'm actually a bit frustrated that
nothing serious happened and that majority just want to create BCP on
"hash security" rather then actually work on fixing effected protocols.

hoping for better ideas.  At the moment I often see discussions in
the rough direction of "let's take SHA-256 and truncate it".

Trancated SHA-256 is likely to provide the same level of security as
SHA1 since its result is 160bit (of course the problem is that SHA1 does not provide level of security expected because of recent attacks on its system), but it takes more resources to calculate because the pre-output
is 256bit. In my opinion better is either to directly use SHA256 output
(when hash data size is not an issue) or create new 160bit hash function to replace SHA1 (possibly it can be just some changes to SHA1 with simple filter for incoming output to make attacks on result difficult).

Why is that better than say "let's use MD5 for odd bytes,
again MD5 for the even bytes, and concatenate the hashes" ?

You break it apart and now have to create collision of part1 and part2.
Security is supposed to increases exponentially with adding of more bits
and here you have simple linear increase of needed computational capabilities. So what by adding two 128bit hashed together you do not
have the same level of security as 256bit hash, what you got is variant
of 129bit hash security but with much longer resuling data.

--
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net


<Prev in Thread] Current Thread [Next in Thread>