[e2e] Re: [Tsvwg] Really End-to-end or CRC vs everything else?

Bill Sommerfeld sommerfeld at orchard.arlington.ma.us
Fri May 25 14:22:55 PDT 2001


> [... md5 as an error-check function to defeat would-be middleboxers...]
> 
> If you put that in the transport layer, won't that make communication
> without a shared-secret impossible? At least without using some other
> transport protocol, to bootstrap a D-H or SPEKE or other initial key
> exchange.

md5 is an unkeyed function, just like the CRC or internet checksum.

hmac-md5 is a keyed function built out of md5 (it's one of two MAC
functions used with IPsec).

You use unkeyed md5 if:
 - you want a strong modification check but "enemy action" isn't part
of your threat model.
or
 - you're going to do some sort of keyed transform (e.g., signature)
on the value of the md5 function.

If you just want a better bitrot-trap, md5 alone would do the trick
(though it's fairly expensive to compute).

If you view middleboxes as the enemy and want to prevent them from
tampering with traffic, you need something like hmac-md5, keyed with a
key unknown to the middlebox.

					- Bill
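
The distinction drawn in the message above, as an added example that is not part of the original post: an unkeyed MD5 trailer catches accidental damage but can be recomputed by anyone who rewrites the payload, while an HMAC-MD5 trailer cannot be recomputed without the endpoints' key. The framing (payload followed by a 16-byte trailer), the key and the payloads are assumptions constructed for illustration.

```python
import hashlib
import hmac

TAG_LEN = 16  # MD5 and HMAC-MD5 both produce 16-byte outputs


def seal_md5(payload: bytes) -> bytes:
    """Append an unkeyed MD5 digest: a modification check, no secret involved."""
    return payload + hashlib.md5(payload).digest()


def open_md5(segment: bytes) -> bool:
    payload, tag = segment[:-TAG_LEN], segment[-TAG_LEN:]
    return hmac.compare_digest(hashlib.md5(payload).digest(), tag)


def seal_hmac(key: bytes, payload: bytes) -> bytes:
    """Append an HMAC-MD5 tag keyed with a secret shared by the endpoints."""
    return payload + hmac.new(key, payload, hashlib.md5).digest()


def open_hmac(key: bytes, segment: bytes) -> bool:
    payload, tag = segment[:-TAG_LEN], segment[-TAG_LEN:]
    return hmac.compare_digest(hmac.new(key, payload, hashlib.md5).digest(), tag)


def bitrot(segment: bytes) -> bytes:
    """Accidental damage: one flipped bit in the payload, trailer untouched."""
    return bytes([segment[0] ^ 0x01]) + segment[1:]


def middlebox_rewrite(new_payload: bytes) -> bytes:
    """A rewriting box without the key can only recompute the unkeyed check."""
    return seal_md5(new_payload)


def demo() -> dict:
    key = b"constructed-endpoint-key"      # constructed sample key
    payload = b"window=65535;mss=1460"     # constructed sample payload
    rewritten = b"window=65535;mss=1200"   # what the middlebox substitutes
    plain, keyed = seal_md5(payload), seal_hmac(key, payload)
    return {
        "md5_intact": open_md5(plain),
        "md5_bitrot": open_md5(bitrot(plain)),
        "md5_rewrite": open_md5(middlebox_rewrite(rewritten)),
        "hmac_intact": open_hmac(key, keyed),
        "hmac_bitrot": open_hmac(key, bitrot(keyed)),
        "hmac_rewrite": open_hmac(key, middlebox_rewrite(rewritten)),
    }
```

Only `md5_rewrite` separates the two cases: the receiver accepts the rewritten segment under unkeyed MD5 and rejects it under HMAC-MD5.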
