apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Luke Kenneth Casson Leighton <l...@samba-tng.org>
Subject Re: [PATCH] apr-util hmac md5
Date Wed, 06 Jun 2001 11:46:13 GMT
raaay, good for sander.

HMAC_MD5 is used in NTLMv2 security to help guarantee
against replay attacks on different sessions
[NTLMv2 doesn't stop replay attacks on the _same_ session :)]

HMAC_xxx is used to generate one-way hashes from secret
keys and public data, basically.  if you have to one-way
hash, it's pretty much O(N ^^ -128) likely that you will
be able to obtain the secret key.

sander, just a thought: would it be possible for to write
a general HMAC_xx that accepts an xx?

and then HMAC_MD5 being a specialisation of that?

or, is it simply worth saying,well, uh, if you're gonna
do that, forget it: use openssl.


On Tue, Jun 05, 2001 at 07:34:33PM +0100, Ben Laurie wrote:
> Justin Erenkrantz wrote:
> > 
> > On Tue, Jun 05, 2001 at 01:54:05AM +0200, Sander Striker wrote:
> > > Hi,
> > >
> > > This patch adds HMAC MD5 to apr-util.
> > 
> > Where would we use this?  Is this algorithm of sufficient usage that it
> > would benefit being in apr-util?  I've never heard of HMAC before - I
> > had to look it up on rfc-editor.org.  Maybe I live in a paper bag.
> Please be assured that you _do_ live in a paper bag. HMACs are good
> things if you care about security. :-)
> Cheers,
> Ben.
> --
> http://www.apache-ssl.org/ben.html
> "There is no limit to what a man can do or how far he can go if he
> doesn't mind who gets the credit." - Robert Woodruff

View raw message