Re: [Content-MD5 and Message Digest Authentication.], MD5 broken.

>Not really. The shared secret is the password, not its hash. Giving
>H(A1) to a server is just a way a group of servers can be given the
>password without needing to have them all have the password in
>plaintext. How they get it between themselves is outside the scope of the

Actually I was pretty keen on the shared secret being the hash. The idea being 
that the server need not ever know the password itself. This would be secure 
enough for many applications.

The additional hassle probably isn't worthwhile at this stage.

>In your scheme, servers that only want to support SHA would have to have
>an implementation of MD5 available -- and they might not have a license
>from RSA DSI.

Actually the license terms are merely that you call it RSA-MD5 and tell people 
that you use it, and those are only if you use Ron's code.

O.K. so things look pretty much alright provided we put in a note to mention 
that SHA is preferred over MD5.


Received on Monday, 29 April 1996 11:56:27 UTC