Abstract
The modern application of cryptographic principles is actually quite primitive—not in its complexity, but in the way the complexity has been managed. Independent primitives such as hashes and ciphers completely specify the behavior of a limited set of aggressively audited algorithms. Each trusted implementation is chosen to be entirely functionally equivalent to one another; choosing one over another is to have no impact on what the user (legitimate or otherwise) can do. Deviations among the chosen algorithms are limited to speed of operation, some mild key and block size constraints, and a vaguely understood “security level” of the underlying mathematics. Joux and Wang have made it plainly clear that MD5 has serious problems. Outside FIPS's unwillingness to certify MD5, there is no apparent push to migrate away from MD5, as was once done for its predecessor, MD4. The tool, Stripwire, implements some of the attacks that are described in the chapter.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
