[Cfrg] tcp-md5 "strength"

Stephen Farrell <stephen.farrell@cs.tcd.ie> Thu, 29 September 2016 12:15 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 2CA3512B064 for <cfrg@ietfa.amsl.com>; Thu, 29 Sep 2016 05:15:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.617
X-Spam-Status: No, score=-6.617 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-2.316, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id ibi-84X8j2A8 for <cfrg@ietfa.amsl.com>; Thu, 29 Sep 2016 05:14:59 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A138512B0A8 for <Cfrg@irtf.org>; Thu, 29 Sep 2016 05:14:59 -0700 (PDT)
Received: from localhost (localhost []) by mercury.scss.tcd.ie (Postfix) with ESMTP id C5C97BEAA for <Cfrg@irtf.org>; Thu, 29 Sep 2016 13:14:57 +0100 (IST)
Received: from mercury.scss.tcd.ie ([]) by localhost (mercury.scss.tcd.ie []) (amavisd-new, port 10024) with ESMTP id Hg3T3O2x3YUh for <Cfrg@irtf.org>; Thu, 29 Sep 2016 13:14:57 +0100 (IST)
Received: from [] (bilbo.dsg.cs.tcd.ie []) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 1E168BE83 for <Cfrg@irtf.org>; Thu, 29 Sep 2016 13:14:57 +0100 (IST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1475151297; bh=XUD8s5iSWcyqvf7e/j5ZJFtGwyUtiiKfITz6vtYacBs=; h=To:From:Subject:Date:From; b=Pu6MEwf5eG4OD75wONb42K1TACdaYq25QyFlf/ibGFhtuQmHr9MJx6rmod7//okOr 8KeDkXPnpmv8yf4rno3oL840o8MFp2HdpHNHSkKH+oK/zh+escFGuCytoMkW3oXo3B BDIY8unqL3b06FKgE6PT2NxZTWkEsqXcKje3JRq4=
To: "cfrg@irtf.org" <Cfrg@irtf.org>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <baa756a9-e42a-9f0a-f772-ca230b4e43b7@cs.tcd.ie>
Date: Thu, 29 Sep 2016 13:14:57 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.3.0
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="------------ms060104000303070205070300"
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/Y6FIyTX6ewTj5zLIOW5Nd7hkDj4>
Subject: [Cfrg] tcp-md5 "strength"
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Sep 2016 12:15:01 -0000


I was just asked for an estimate for how much effort
it might be to break tcp-md5 [1] and whether (and for
whom:-) that might be practical, for any interesting
kind of break.

If anyone has answers or estimates handy, that'd be


PS: Yes, I know tcp-md5 is pretty to very crappy,
sadly, it's still used and hard to displace :-(

[1] https://tools.ietf.org/html/rfc2385