classification
Title: Incorrect note about md5 in hmac module documentation
Type: security
Stage:
Components: Documentation
Versions: Python 3.1, Python 3.2, Python 2.7, Python 2.6

process
Status: closed
Resolution: fixed
Dependencies:
Superseder:
Assigned To: docs@python
Nosy List: brainsik, docs@python, georg.brandl, terry.reedy
Priority: normal
Keywords:

Created on 2009-02-11 00:39 by brainsik, last changed 2010-10-17 10:09 by georg.brandl. This issue is now closed.

Messages (6)
msg81615 - Author: .:. brainsik (brainsik) Date: 2009-02-11 00:39
The HMAC module page [1] says:

Note: The md5 hash has known weaknesses but remains the default for
backwards compatibility. Choose a better one for your application.

However, according to the "Hash Collision Q&A" [2] linked to from the
hashlib module [3], md5 is not vulnerable when used in an HMAC:

Q: Do these attacks break HMAC using MD5 or SHA-1?
A: No. Because of the way hash functions are used in the HMAC
construction, the techniques used in these recent attacks do not apply.

It seems like the note is incorrect.

1. http://docs.python.org/library/hmac.html
2. http://www.cryptography.com/cnews/hash.html
3. http://docs.python.org/library/hashlib.html

msg81616 - Author: .:. brainsik (brainsik) Date: 2009-02-11 00:44
Bruce Schneier also says (regarding the SHA-1 collision attacks), "it
doesn't affect applications such as HMAC where collisions aren't important":

http://www.schneier.com/blog/archives/2005/02/sha1_broken.html

msg108667 - Author: Terry J. Reedy (terry.reedy) * (Python committer) Date: 2010-06-26 00:50
Are you proposing that the note be removed entirely (and ignore the results it is based on) or just reworded? If it were removed, I could imagine complaints. If reworded, specifically how?

msg108892 - Author: .:. brainsik (brainsik) Date: 2010-06-29 05:05
Since the note is incorrect, it seems like it should be removed. What "results it is based on" are you referring to and what complaints are you concerned about?

msg108893 - Author: Terry J. Reedy (terry.reedy) * (Python committer) Date: 2010-06-29 05:10
The supposed 'known weaknesses'. I have no particular opinion.
Anyway, we have your recommendation: remove the note.
I will let others defend it.

msg118923 - Author: Georg Brandl (georg.brandl) * (Python committer) Date: 2010-10-17 10:09
Removed note in r85617.
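
Added example (not part of the original issue thread and not CPython's own code): the Q&A quoted in the first message attributes HMAC's resistance to "the way hash functions are used in the HMAC construction". The code below spells out that construction as defined in RFC 2104 and checks it against the standard library's hmac module. The names hmac_manual and verify_tag are assumptions made for this illustration.

```python
import hashlib
import hmac


def hmac_manual(key: bytes, msg: bytes, hash_name: str = "sha256") -> bytes:
    """RFC 2104: H((K ^ opad) || H((K ^ ipad) || msg)). Illustrative helper."""
    block_size = hashlib.new(hash_name).block_size
    # Keys longer than one hash block are hashed first, then zero-padded.
    if len(key) > block_size:
        key = hashlib.new(hash_name, key).digest()
    key = key.ljust(block_size, b"\x00")
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    # Both hash invocations start from a secret-keyed block. A collision
    # search against the bare hash assumes the attacker can compute the hash
    # of chosen inputs offline, which is not possible without the key.
    inner = hashlib.new(hash_name, ipad + msg).digest()
    return hashlib.new(hash_name, opad + inner).digest()


def verify_tag(key: bytes, msg: bytes, tag: bytes, hash_name: str = "sha256") -> bool:
    """Verify a received tag with the stdlib, naming the digest explicitly."""
    expected = hmac.new(key, msg, hash_name).digest()
    # Constant-time comparison avoids leaking how many leading bytes matched.
    return hmac.compare_digest(expected, tag)


# RFC 2202 test case 1 for HMAC-MD5 (published test vector).
RFC2202_KEY = b"\x0b" * 16
RFC2202_MSG = b"Hi There"
RFC2202_MD5_TAG = bytes.fromhex("9294727a3638bb1c13f48ef8158bfc9d")

if __name__ == "__main__":
    for name in ("md5", "sha1", "sha256"):
        manual = hmac_manual(RFC2202_KEY, RFC2202_MSG, name)
        stdlib = hmac.new(RFC2202_KEY, RFC2202_MSG, name).digest()
        print(name, manual.hex(), "matches stdlib:", manual == stdlib)
    print("RFC 2202 vector ok:",
          verify_tag(RFC2202_KEY, RFC2202_MSG, RFC2202_MD5_TAG, "md5"))
```
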

History
Date  User  Action  Args
2010-10-17 10:09:15  georg.brandl  set  status: open -> closed; resolution: fixed; messages: + msg118923
2010-06-29 05:10:44  terry.reedy  set  messages: + msg108893
2010-06-29 05:05:08  brainsik  set  messages: + msg108892
2010-06-26 00:50:49  terry.reedy  set  assignee: georg.brandl -> docs@python; messages: + msg108667; nosy: + terry.reedy, docs@python
2010-06-26 00:47:20  terry.reedy  set  versions: + Python 3.1, Python 2.7, Python 3.2, - Python 2.5, Python 3.0
2009-02-11 00:44:23  brainsik  set  messages: + msg81616
2009-02-11 00:39:50  brainsik  create