review of Projects/replay_cache_collision_avoidance, ending Jan. 12
hartmans at MIT.EDU
Wed Dec 31 06:03:52 EST 2008
I was writing up a message to disagree with Greg; in particular I
think that you only need to pay the complexity cost of algorithm
agility when you support the second algorithm.
However I considered his argument that the hash is not security
sensitive and agree. I'd like to expand on that a bit because I get
nervous when people claim that a hash is not security sensitive
without more detail. We depend on the hash to hash identical inputs
to the same output; this seems quite safe as it is a function. If an
attacker can cause non-identical inputs to collide,the worst they can
get is false positives. So, I agree the hash is not likely to need to
change for security reasons.
More information about the krbdev