[Standards] Re: [jdev] XEP-0115: Entity Capabilities

Joe Hildebrand hildjj at gmail.com
Thu Jun 28 19:13:26 CDT 2007


You're worried about the attack where someone generates a set of  
features that has the same hash as the a different set of features.   
In this case, the birthday attack doesn't help, since you only get to  
pick one set of ciphertext.

I really don't care what algorithm we pick.  They will likely all be  
cracked one day.  Please pick one that emits a relatively small hash,  
though, please.

On Jun 28, 2007, at 4:40 PM, Andreas Monitzer wrote:

> On Jun 29, 2007, at 00:12, Joe Hildebrand wrote:
>
>> - calculate the MD5 sum for E
>
> Why md5, which has been proven to be insecure? SHA1 would be just  
> as easy to implement, and is much better in this regard.
>
> andy
>



More information about the Standards mailing list