Displaying 3 results from an estimated 3 matches for "based_message_authentication_code".
2017 Jan 27
4
Notes on openssh configuration
Hello list,
To my astonishment the openssh versions on both C6 and C7 will by
default negotiate an MD5 HMAC.
C6 client, C7 server:
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 none
C7 client & server:
debug2: mac_setup: setup hmac-md5-etm at openssh.com
debug1:
2017 Jan 27
0
Notes on openssh configuration
...n Ottolander wrote:
> To my astonishment the openssh versions on both C6 and C7 will by
> default negotiate an MD5 HMAC.
Cryptographers still consider MD5 secure for HMAC use. Wikipedia's
references (currently 6, 7, and 8) in this article are useful:
https://en.wikipedia.org/wiki/Hash-based_message_authentication_code
2017 Jan 27
2
Notes on openssh configuration
Hello Gordon,
On Fri, 2017-01-27 at 10:26 -0800, Gordon Messmer wrote:
> Cryptographers still consider MD5 secure for HMAC use. Wikipedia's
> references (currently 6, 7, and 8) in this article are useful:
>
> https://en.wikipedia.org/wiki/Hash-based_message_authentication_code
https://en.wikipedia.org/wiki/MD5 seems to disagree:
"The security of the MD5 has been severely compromised, with its
weaknesses having been exploited in the field, most infamously by the
Flame malware in 2012. The CMU Software Engineering Institute considers
MD5 essentially "cryptograp...