----- Original Message -----
From: "Randy Bush" <randy@psg.com>
To: "Poul-Henning Kamp" <phk@critter.freebsd.dk>
Cc: "Andrei Robachevsky" <andrei@ripe.net>; "Olafur Osvaldsson" <oli@isnic.is>; <db-wg@ripe.net>
Sent: Thursday, March 28, 2002 5:31 PM
Subject: Re: MD5 proposal

My main concern here would be that basing the proposed method on an implementation (md5-crypt), which may change or may be mixed with some other implementation, rather than on the documented algorithm (md5 hash), which cannot, may cause confusion in the future.

And, as a side question from a person far from cryptography, is it a proved fact that iterative complexity of md5-crypt makes the hash better?

It makes dictionary attacks harder and more time-consuming, it also makes it harder to do hardware implementations because you need many times more hardware.

the way out of this would seem to be for someone to write an internet draft on salted md5 and process it through the ietf security area.
randy
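
The cost argument in the thread above (iteration and salting raise the work behind every password check), shown as an added example that is not part of the original messages. The loop is a simplified stand-in, not md5-crypt's actual construction; the function names, salts and password are hypothetical, constructed values.

```python
import hashlib
import hmac

ROUNDS = 1000  # md5-crypt also loops 1000 times; its real loop body is more involved

class CountingMD5:
    """MD5 wrapper that counts invocations, i.e. the work one check costs."""
    def __init__(self):
        self.calls = 0

    def digest(self, data: bytes) -> bytes:
        self.calls += 1
        return hashlib.md5(data).digest()

def plain_md5(h: CountingMD5, password: bytes) -> bytes:
    """Documented algorithm only: one unsalted MD5 over the password."""
    return h.digest(password)

def salted_iterated_md5(h, password, salt, rounds=ROUNDS) -> bytes:
    """Simplified stand-in for md5-crypt: salt mixed in, then `rounds` re-hashes."""
    state = h.digest(salt + password)
    for _ in range(rounds):
        state = h.digest(state + salt + password)
    return state

def verify(stored, password, salt) -> bool:
    """Constant-time comparison of a stored value against a candidate password."""
    candidate = salted_iterated_md5(CountingMD5(), password, salt)
    return hmac.compare_digest(stored, candidate)

def compare_schemes() -> dict:
    # Constructed sample data: two maintainers who picked the same password.
    password = b"example-passphrase"
    salt_a, salt_b = b"a1b2c3d4", b"e5f6a7b8"
    plain, stretched = CountingMD5(), CountingMD5()
    plain_a, plain_b = plain_md5(plain, password), plain_md5(plain, password)
    salted_a = salted_iterated_md5(stretched, password, salt_a)
    salted_b = salted_iterated_md5(stretched, password, salt_b)
    return {
        "plain_calls_per_check": plain.calls // 2,
        "stretched_calls_per_check": stretched.calls // 2,
        "plain_hashes_collide": plain_a == plain_b,
        "salted_hashes_collide": salted_a == salted_b,
        "verify_ok": verify(salted_a, password, salt_a),
        "verify_wrong_salt": verify(salted_a, password, salt_b),
    }

if __name__ == "__main__":
    for key, value in compare_schemes().items():
        print(f"{key}: {value}")
```

With unsalted MD5 the two accounts store the same value, so one precomputed dictionary covers both; with per-account salts and 1000 extra rounds, each stored value needs its own pass at roughly a thousand times the hashing work.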