Re: [Isis-wg] draft-bhatia-manral-crypto-req-isis-01.txt
Vishwas Manral <vishwas@ipinfusion.com> Fri, 02 March 2007 22:19 UTC
Return-path: <isis-wg-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HNG5e-0001bM-Au; Fri, 02 Mar 2007 17:19:02 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HNG5d-0001aw-DO for isis-wg@ietf.org; Fri, 02 Mar 2007 17:19:01 -0500
Received: from mail.ipinfusion.com ([65.223.109.2] helo=gateway.ipinfusion.com) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HNG5Z-00022K-Ik for isis-wg@ietf.org; Fri, 02 Mar 2007 17:19:01 -0500
Received: from [127.0.0.1] ([65.223.109.250]) by gateway.ipinfusion.com (8.11.6/8.11.6) with ESMTP id l22MIbK11087; Fri, 2 Mar 2007 14:18:37 -0800
Message-ID: <45E8A2BD.6070704@ipinfusion.com>
Date: Fri, 02 Mar 2007 14:18:37 -0800
From: Vishwas Manral <vishwas@ipinfusion.com>
User-Agent: Thunderbird 1.5.0.9 (Windows/20061207)
MIME-Version: 1.0
To: James Carlson <james.d.carlson@sun.com>
Subject: Re: [Isis-wg] draft-bhatia-manral-crypto-req-isis-01.txt
References: <7993FE39-A603-4830-B63F-9615A38B3DEA@cisco.com> <45E88174.7040208@ipinfusion.com> <5B7CE451-04FE-42EC-B786-8F952C3F8C0A@cisco.com> <45E89CD7.7030708@ipinfusion.com> <17896.41109.961725.28931@gargle.gargle.HOWL>
In-Reply-To: <17896.41109.961725.28931@gargle.gargle.HOWL>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 8b30eb7682a596edff707698f4a80f7d
Cc: Tony Li <tli@cisco.com>, isis-wg@ietf.org
X-BeenThere: isis-wg@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF IS-IS working group <isis-wg.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/isis-wg>, <mailto:isis-wg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/isis-wg>
List-Post: <mailto:isis-wg@ietf.org>
List-Help: <mailto:isis-wg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/isis-wg>, <mailto:isis-wg-request@ietf.org?subject=subscribe>
Errors-To: isis-wg-bounces@ietf.org
James, I agree it is hard to get two valid inputs with the same hash. However from what I was told, many characters not part of the standard character set and hence are invisible(so just the same as if they were not there). That is the reason I gave the example given by the security people for the collision attack. I agree it is not IS-IS related and we can probably shift this discussion to some security list (we have discussed this on RPSec a couple of years back and I am giving you the gist of the discussion there). Thanks, Vishwas James Carlson wrote: > Vishwas Manral writes: > >> What I mean is not that hashing wont have collisions, but that finding >> them should not be easy. That was the intention. I gave you the typical >> example served for the same about two documents with the same hash and >> hence the same signature. >> > > There's a huge difference between being able to find collisions with > arbitrary input, and being able to find a collision on specifically > modified input. > > In other words, there's a serious threat if someone can use known good > messages to construct a new and different message that's syntactically > correct and meaningful with a hash that passes validation. > > As far as I know, nobody knows how to do that for MD5, and conflating > an academic exercise with a security problem in an actual protocol is > probably not a worthwhile contribution. > > _______________________________________________ Isis-wg mailing list Isis-wg@ietf.org https://www1.ietf.org/mailman/listinfo/isis-wg
- [Isis-wg] draft-bhatia-manral-crypto-req-isis-01.… Tony Li
- Re: [Isis-wg] draft-bhatia-manral-crypto-req-isis… Vishwas Manral
- Re: [Isis-wg] draft-bhatia-manral-crypto-req-isis… Vishwas Manral
- Re: [Isis-wg] draft-bhatia-manral-crypto-req-isis… Vishwas Manral
- Re: [Isis-wg] draft-bhatia-manral-crypto-req-isis… Vishwas Manral
- RE: [Isis-wg] draft-bhatia-manral-crypto-req-isis… Parker, Jeff
- Re: [Isis-wg] draft-bhatia-manral-crypto-req-isis… Vishwas Manral
- Re: [Isis-wg] draft-bhatia-manral-crypto-req-isis… Tony Li
- Re: [Isis-wg] draft-bhatia-manral-crypto-req-isis… Russ White