strength of encryption types
Rahul.Jain@wellsfargo.com
Rahul.Jain at wellsfargo.com
Thu Apr 21 14:40:04 EDT 2005
How strong is 3DES with MD5 without HMAC or key derivation?
Specifically, is MD5 in this situation much use without HMAC given the
recent attacks found? If not, how easy is it to modify an encrypted 3DES
message so that it contains different content? Is that attack comparable
to cracking the key? Would 3DES with SHA1 without HMAC or KD be
significantly better (IIUC, it would be an increase in the strength of
the hash from an effective 2**24 to 2**69... or is that to 2**106... in
that case, what is the strength of finding MD5 collisions to a given
message)?
TIA,
Rahul Jain
More information about the Kerberos
mailing list