RE: Remove little-used algorithms from IKEv2

Paul Hoffman / VPNC <paul.hoffman@vpnc.org> Thu, 14 March 2002 22:21 UTC

Message-Id: <p05101410b8b6caac4c2b@[165.227.249.20]>
In-Reply-To: <2F3EC696EAEED311BB2D009027C3F4F405869A08@vhqpostal.verisign.com>
References: <2F3EC696EAEED311BB2D009027C3F4F405869A08@vhqpostal.verisign.com>
Date: Thu, 14 Mar 2002 13:50:37 -0800
To: "Hallam-Baker, Phillip" <pbaker@verisign.com>, ipsec@lists.tislabs.com
From: Paul Hoffman / VPNC <paul.hoffman@vpnc.org>
Subject: RE: Remove little-used algorithms from IKEv2

At 12:32 PM -0800 3/14/02, Hallam-Baker, Phillip wrote:
>Any reason for keeping the MD5 algorithms given their somewhat compromised
>status?

Yes, two.

- As I understand the argument, the "somewhat" is exactly that: there 
is no known break for real-world use, but there is a strong suspicion 
that a break could happen.

- We want it in there in case of a catastrophic failure of SHA-1 and 
the related bigger SHAs.

>MD5 and SHA are pretty close and share the same internal structure so I
>don't think we can really justify MD5 as a fallback to SHA-1, particularly
>in the light of the Dobbertin results.

I'm happy to add MD5 to the list of "only there because we could" if 
folks agree with your analysis.

>We should anticipate that the AES based SHA-2 algorithms will appear in due
>course so it is not as if there would only be one algorithm

If those have the same failure relationship to SHA-1 as MD5 does, the 
argument becomes circular.

It is good practice to have a well-understood fallback in case of 
catastrophic failure. MD5 has a huge amount of implementation 
experience behind it.

--Paul Hoffman, Director
--VPN Consortium