search for: based_message_authentication_code

Displaying 3 results from an estimated 3 matches for "based_message_authentication_code".

2017 Jan 27
4
Notes on openssh configuration
Hello list, To my astonishment the openssh versions on both C6 and C7 will by default negotiate an MD5 HMAC. C6 client, C7 server: debug2: mac_setup: found hmac-md5 debug1: kex: server->client aes128-ctr hmac-md5 none debug2: mac_setup: found hmac-md5 debug1: kex: client->server aes128-ctr hmac-md5 none C7 client & server: debug2: mac_setup: setup hmac-md5-etm at openssh.com debug1:
2017 Jan 27
0
Notes on openssh configuration
...n Ottolander wrote: > To my astonishment the openssh versions on both C6 and C7 will by > default negotiate an MD5 HMAC. Cryptographers still consider MD5 secure for HMAC use. Wikipedia's references (currently 6, 7, and 8) in this article are useful: https://en.wikipedia.org/wiki/Hash-based_message_authentication_code
2017 Jan 27
2
Notes on openssh configuration
Hello Gordon, On Fri, 2017-01-27 at 10:26 -0800, Gordon Messmer wrote: > Cryptographers still consider MD5 secure for HMAC use. Wikipedia's > references (currently 6, 7, and 8) in this article are useful: > > https://en.wikipedia.org/wiki/Hash-based_message_authentication_code https://en.wikipedia.org/wiki/MD5 seems to disagree: "The security of the MD5 has been severely compromised, with its weaknesses having been exploited in the field, most infamously by the Flame malware in 2012. The CMU Software Engineering Institute considers MD5 essentially "cryptograp...