On Sun, 29 Jan 1995, David A. Wagner wrote:

> > Anyone care to do a real-time test? Generate some random strings of
> > varying length, including some one-byte responses, until you have some
> > large number, say, 10000 of these strings. Randomly assign some to one
> > side, so that maybe one side has 1000 outgoing strings and 9000 incoming,
> > then have an MD5 checksum done in which the program generates a checksum
> > for each line, sends it, then after, say, 10 lines, sends a message the
> > other way.
>
> I think you misunderstood my (proposed) use of MD5.
>
> MD5 would *not* be invoked for every packet sent -- *only*
> for SYN packets, i.e. for TCP/IP connection startup.
>
> There'd be one invocation of MD5 per new connection request
> per machine. Furthermore, the input being hashed would only
> need to be a few bytes -- 8 or 16 is plenty.

So again, what's to keep someone from hijacking the connection again? Comes in, steals the packets on the wire, substitutes his for the real ones, then sends a "close connection" or "reset" back to the original source. He now has an authenticated connection after it's been authenticated.

> I *heard* that there was one bug in the MD5 code printed in
> the RFC, but I've never tried it myself.

Someone want to check this? If so, it needs to be reported and the RFC needs to be obsoleted and replaced with a new one. Do we have anyone here who has the arithmetic to be able to verify this sort of thing? I can puzzle some things out, but this goes way beyond my mathematical abilities.

> There's MD5 code at ripem.msu.edu /pub/crypt/others/md5.zip
> which I'm pretty certain is good...

Might be worth running tandem verifications of some items and see that they both get the same results, say on a few thousand items.
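The "tandem verification" suggested at the end of the message, written out as an added example that is not code from this thread, from the RFC, or from the ripem.msu.edu archive. It implements MD5 directly from the RFC 1321 algorithm description, checks it against the test vectors in the RFC's own appendix, and then hashes random byte strings of varying length (including one-byte inputs and the 8- or 16-byte SYN-sized inputs mentioned above) with both this implementation and Python's `hashlib`, counting disagreements. The random inputs and the seed are constructed here; the additive constants are computed from the sine formula rather than copied from the printed table, so a transcription error in a table cannot propagate into the check.

```python
"""Cross-check a from-scratch MD5 (RFC 1321) against Python's hashlib.

Added example, not code from the thread.  Sample inputs are constructed
from a fixed seed so the run is reproducible.
"""
import hashlib
import math
import random
import struct

MASK32 = 0xFFFFFFFF

# Per-round left-rotation amounts (RFC 1321, section 3.4).
S = ([7, 12, 17, 22] * 4 + [5, 9, 14, 20] * 4 +
     [4, 11, 16, 23] * 4 + [6, 10, 15, 21] * 4)

# Additive constants K[i] = floor(abs(sin(i + 1)) * 2^32), computed here
# instead of transcribed, so a typo in a printed table cannot leak in.
K = [int(abs(math.sin(i + 1)) * 2 ** 32) & MASK32 for i in range(64)]

# RFC 1321 appendix A.5 test suite: message -> expected digest.
RFC1321_VECTORS = {
    b"": "d41d8cd98f00b204e9800998ecf8427e",
    b"a": "0cc175b9c0f1b6a831c399e269772661",
    b"abc": "900150983cd24fb0d6963f7d28e17f72",
    b"message digest": "f96b697d7cb7938d525a2f31aaf161d0",
    b"abcdefghijklmnopqrstuvwxyz": "c3fcd3d76192e4007dfb496cca67e13b",
}


def _rotl(x, c):
    """32-bit left rotation."""
    return ((x << c) | (x >> (32 - c))) & MASK32


def md5_reference(message: bytes) -> str:
    """MD5 digest of `message` as lowercase hex, following RFC 1321."""
    a0, b0, c0, d0 = 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476
    # Padding: one 0x80 byte, zeros up to 56 mod 64, then the original bit
    # length as a 64-bit little-endian integer.
    bit_len = (len(message) * 8) & 0xFFFFFFFFFFFFFFFF
    msg = message + b"\x80"
    msg += b"\x00" * ((56 - len(msg) % 64) % 64)
    msg += struct.pack("<Q", bit_len)
    for off in range(0, len(msg), 64):
        M = struct.unpack("<16I", msg[off:off + 64])   # 16 little-endian words
        A, B, C, D = a0, b0, c0, d0
        for i in range(64):
            if i < 16:
                F, g = (B & C) | (~B & D), i
            elif i < 32:
                F, g = (D & B) | (~D & C), (5 * i + 1) % 16
            elif i < 48:
                F, g = B ^ C ^ D, (3 * i + 5) % 16
            else:
                F, g = C ^ (B | ~D), (7 * i) % 16
            F = (F + A + K[i] + M[g]) & MASK32   # masking fixes up Python's ~
            A, D, C, B = D, C, B, (B + _rotl(F, S[i])) & MASK32
        a0, b0, c0, d0 = ((a0 + A) & MASK32, (b0 + B) & MASK32,
                          (c0 + C) & MASK32, (d0 + D) & MASK32)
    return struct.pack("<4I", a0, b0, c0, d0).hex()


def check_rfc_vectors() -> list:
    """Return the RFC 1321 test messages this implementation gets wrong (ideally none)."""
    return [m for m, digest in RFC1321_VECTORS.items() if md5_reference(m) != digest]


def tandem_check(count: int = 1000, seed: int = 1995) -> int:
    """Hash `count` random strings with both implementations; return the mismatch count.

    Every third input is drawn from lengths that exercise the padding
    boundaries (55, 56, 63, 64, ...) plus the 1-, 8- and 16-byte cases the
    thread talks about; the rest are random lengths up to 300 bytes.
    """
    rng = random.Random(seed)   # constructed, reproducible sample inputs
    boundary_lengths = [0, 1, 8, 16, 55, 56, 63, 64, 119, 120, 127, 128]
    mismatches = 0
    for n in range(count):
        if n % 3 == 0:
            length = boundary_lengths[n % len(boundary_lengths)]
        else:
            length = rng.randrange(0, 300)
        data = bytes(rng.getrandbits(8) for _ in range(length))
        if md5_reference(data) != hashlib.md5(data).hexdigest():
            mismatches += 1
    return mismatches


if __name__ == "__main__":
    print("RFC 1321 vector failures:", check_rfc_vectors())
    print("tandem mismatches over random inputs:", tandem_check())
```

Running the script prints an empty failure list and a mismatch count of 0. The same harness can be pointed at any third MD5 implementation (a C binary wrapped with `subprocess`, for instance) in place of `hashlib`; the padding-boundary lengths matter most, since an off-by-one in the length encoding or the zero fill is the kind of defect that passes the short RFC vectors and only shows up on a message of 56 or 64 bytes.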