[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: adding RADIUS to pam



   Date: Wed, 12 Aug 1998 10:44:16 -0700 (PDT)
   From: Dan Hollis <goemon@sasami.anime.net>

   FWIW, Radius uses md5 which I believe has been declared "exportable".

Careful here.  MD5 when used as a crypto checksum for authentication or
integrity checking is exportable.  If you take MD5 and use it for data
encryption, I know of no official government statement which says that
it is in fact exportable.  

More of a concern on a security front is that MD5 was never designed to
be used for data encryption in that manner, and as far as I know it's
received no cryptographic review for it being used that way.  Also
consider that Hans Dobertin in Germany has been making progress in his
attempts to analyze and break MD5, and so I wouldn't recommend that
folks depend on a system which uses md5 the way Radius uses it.

						- Ted



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []