- Path: sparky!uunet!spool.mu.edu!sdd.hp.com!zaphod.mps.ohio-state.edu!cs.utexas.edu!ut-emx!tivoli!todd
- From: todd@palomar.tivoli.com
- Newsgroups: sci.crypt
- Subject: MD5 as an encryption engine?
- Message-ID: <TODD.92Dec30124821@palomar.tivoli.com>
- Date: 30 Dec 92 03:48:21 GMT
- Sender: news@tivoli.UUCP
- Distribution: sci
- Organization: Tivoli Systems, Inc.
- Lines: 43
-
-
- Once again I've seen a reference to the fact that protocols relying on
- MACs (message authentication codes) are preferable to those using
- private key encryption mechanisms like DES. The claim is that
- libraries containing APIs to MAC mechanisms, like MD5, are exportable
- because they don't fall under the munition regulations.
-
- Isn't it a simple matter to use an algorithm like MD5 to produce a
- very strong cipher? Although there are lots of possibilities,
- something like the following should work well:
-
- Y[0] = MD5(K^R)
- Y[n] = X[n] ^ MD5(K^Y[n-1])
-
- where X[1..n] are the blocks of plaintext and Y[0..n] are the
- resulting ciphertext blocks, ^ is exclusive or, and R is just some
- random value. MD5 can be replaced by other strong hashing functions
- or one-way functions. It has been conjectured that MD5 is strong,
- i.e. that for a given value V, finding a K such that V = MD5(K)
- takes on the order of 2**128 operations.
-
- If the conjecture about MD5 is true then the resulting encryption
- should be stronger than DES; furthermore, MD5 is much faster than DES.
-
- So why is MD5 exportable and why couldn't it be used as a replacement
- for DES? (Of course there is the obvious reason that there hasn't
- been as much time to study it.)
-
-
- --
-
- Todd
- --
- Todd Smith TIVOLI Systems, Inc.
- todd@tivoli.com 6034 West Courtyard Dr.
- Suite 210
- (512) 794-9070 [794-0623 fax] Austin, TX 78730
-
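
Added example, not part of the original post: a Python sketch of the construction described above, Y[0] = MD5(K^R) and Y[n] = X[n] ^ MD5(K^Y[n-1]), together with its decryption. It assumes a 16-byte K and R (so both XOR cleanly with a 16-byte digest) and truncates the keystream for a short final block; those choices, the function names and the sample values are this example's, not the post's.

```python
import hashlib
import os

BLOCK = 16  # MD5 digest size in bytes


def xor_bytes(a, b):
    """XOR two byte strings, truncating to the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(key, plaintext, r=None):
    """Return Y[0] || Y[1] || ... || Y[n] for the post's construction."""
    r = os.urandom(BLOCK) if r is None else r
    if len(key) != BLOCK or len(r) != BLOCK:
        raise ValueError("this example assumes 16-byte K and R")
    prev = hashlib.md5(xor_bytes(key, r)).digest()  # Y[0] = MD5(K ^ R)
    out = [prev]
    for i in range(0, len(plaintext), BLOCK):
        pad = hashlib.md5(xor_bytes(key, prev)).digest()
        prev = xor_bytes(plaintext[i:i + BLOCK], pad)  # Y[n] = X[n] ^ MD5(K ^ Y[n-1])
        out.append(prev)
    return b"".join(out)


def decrypt(key, ciphertext):
    """Invert encrypt(): X[n] = Y[n] ^ MD5(K ^ Y[n-1]); R itself is never needed."""
    if len(key) != BLOCK or len(ciphertext) < BLOCK:
        raise ValueError("need a 16-byte K and at least Y[0]")
    prev, out = ciphertext[:BLOCK], []
    for i in range(BLOCK, len(ciphertext), BLOCK):
        y = ciphertext[i:i + BLOCK]
        out.append(xor_bytes(y, hashlib.md5(xor_bytes(key, prev)).digest()))
        prev = y
    return b"".join(out)


if __name__ == "__main__":
    key = bytes(range(BLOCK))                      # constructed sample key
    msg = b"constructed sample plaintext, 3 blocks long"
    ct = encrypt(key, msg)
    assert decrypt(key, ct) == msg                 # round trip
    # No integrity: flipping one bit of the last ciphertext block flips the
    # same plaintext bit, and decryption reports no error.
    tampered = ct[:-1] + bytes([ct[-1] ^ 0x01])
    print(decrypt(key, tampered))
```

The construction is a keystream XOR, so it offers confidentiality only: a changed ciphertext bit in the final block changes the same plaintext bit without any error, and a separate MAC over the ciphertext is still needed for integrity.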