Christian Huitema wrote:

> http://www.huitema.net/talks/ietf63-security.ppt

Thanks, with that hint I finally found the HTML version:
http://www3.ietf.org/proceedings/05aug/slides/apparea-4/ and
http://www3.ietf.org/proceedings/05aug/slides/plenaryt-1.pdf

>> With a somewhat unusual password I wouldn't know how an
>> attack works.

> You would not, but the gentle folks writing the cracking tool
> certainly know.

Certainly I don't know where to rent the zombie for 10 cents:
http://www3.ietf.org/proceedings/05aug/slides/apparea-4/sld5.htm

Next slide, yes, CRAM-MD5 is *not* designed for that attack.
Adding a prose version of your slides 3..6 and 13 to the
security considerations of a 2195bis could improve it.

Do I miss a clue, or has DIGEST-MD5 essentially the same issue?

> Note that this is not related to potential weaknesses in MD5.

Right, add 20% to your costs to get SHA-1, etc. How did you
calculate this, how long have the rented bots to crack a given
observed C/R?

Frank
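The point under discussion, as an added example that is not part of the original message or of the slides: a CRAM-MD5 response is an HMAC keyed by the password over a challenge sent in the clear, so one observed C/R pair lets a passive observer test guesses offline, and swapping MD5 for SHA-1 does not change that. The challenge, secret and digest are the example session from RFC 2195; the guess rate passed to the cost estimate is a constructed assumption, not a figure from the talk.

```python
import hmac

# Example session values from RFC 2195 (challenge is sent in the clear).
CHALLENGE = b"<1896.697170952@postoffice.reston.mci.net>"
SECRET = b"tanstaaftanstaaf"


def cram_response(secret, challenge, digest="md5"):
    """Client digest per RFC 2195: HMAC keyed with the shared secret
    over the server challenge, hex encoded."""
    return hmac.new(secret, challenge, digest).hexdigest()


def offline_match(candidate, challenge, observed, digest="md5"):
    """Everything needed to test a password guess is in the observed
    exchange; the server is never contacted, so lockouts and rate
    limits on the server do not apply."""
    computed = cram_response(candidate, challenge, digest)
    return hmac.compare_digest(computed, observed)


def exhaustive_search_seconds(alphabet_size, length, guesses_per_second):
    """Worst-case time to cover every password of exactly `length`
    symbols at an assumed guess rate."""
    return alphabet_size ** length / guesses_per_second


if __name__ == "__main__":
    observed_md5 = cram_response(SECRET, CHALLENGE)
    print("observed response:", observed_md5)
    print("wrong guess matches:", offline_match(b"password", CHALLENGE, observed_md5))
    print("right guess matches:", offline_match(SECRET, CHALLENGE, observed_md5))

    # Hypothetical HMAC-SHA1 variant: a longer digest, the same exposure.
    observed_sha1 = cram_response(SECRET, CHALLENGE, "sha1")
    print("sha1 variant matches:", offline_match(SECRET, CHALLENGE, observed_sha1, "sha1"))

    # Constructed assumption: 1e9 guesses/second, 8 lowercase letters.
    print("seconds to cover keyspace:", exhaustive_search_seconds(26, 8, 1e9))
```

The only term in the estimate a deployment controls is the password keyspace, which is why the weakness is independent of the hash function.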