review of Projects/replay_cache_collision_avoidance, ending Jan. 12

Sam Hartman hartmans at MIT.EDU
Wed Dec 31 06:03:52 EST 2008

I was writing up a message to disagree with Greg; in particular I
 think that you only need to pay the complexity cost of algorithm
 agility when you support the second algorithm.

However I considered his argument that the hash is not security
sensitive and agree.  I'd like to expand on that a bit because I get
nervous when people claim that a hash is not security sensitive
without more detail.  We depend on the hash to hash identical inputs
to the same output; this seems quite safe as it is a function.  If an
attacker can cause non-identical inputs to collide,the worst they can
get is false positives.  So, I agree the hash is not likely to need to
change for security reasons.


More information about the krbdev mailing list