RE: potential hazards of Protect-America act

• Previous message: Steven M. Bellovin: "Re: potential hazards of Protect-America act"
• Maybe in reply to: (no email): "potential hazards of Protect-America act"
• Next in thread: Warren Kumari: "Re: potential hazards of Protect-America act"
• Reply: Warren Kumari: "Re: potential hazards of Protect-America act"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I think I need to eat crow on the MD5 comment -- I was confused with SHA,
which although has been attacked, is still holding up:
http://www.schneier.com/blog/archives/2007/01/sha1_cracked.html

Frank

-----Original Message-----
From: Steven M. Bellovin [mailto:]
Sent: Tuesday, January 29, 2008 9:13 PM
To:
Cc: ;
Subject: Re: potential hazards of Protect-America act

On Tue, 29 Jan 2008 20:28:05 -0600
"Frank Bulk" <> wrote:

>
> Pretty good in the generalities, but there are few finer technical
> points that could be been precisely and accurately stated. One that
> comes to mind was the MD5 reference, another was the "50% loss" when
> talking about performing an optical split.
>
Speaking as one of the authors, we did our best. (But what do you mean
about MD5? That was taken straight from the FOIAed FBI documents, and
from conversations with people in law enforcement I'm quite certain
that MD5 is still used -- inappropriately! -- in sensitive places.)

                --Steve Bellovin, http://www.cs.columbia.edu/~smb

• Previous message: Steven M. Bellovin: "Re: potential hazards of Protect-America act"
• Maybe in reply to: (no email): "potential hazards of Protect-America act"
• Next in thread: Warren Kumari: "Re: potential hazards of Protect-America act"
• Reply: Warren Kumari: "Re: potential hazards of Protect-America act"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]