Message81615
The HMAC module page [1] says:
Note: The md5 hash has known weaknesses but remains the default for
backwards compatibility. Choose a better one for your application.
However, according to the "Hash Collision Q&A" [2] linked to from the
hashlib module [3], md5 is not vulnerable when used in an HMAC:
Q: Do these attacks break HMAC using MD5 or SHA-1?
A: No. Because of the way hash functions are used in the HMAC
construction, the techniques used in these recent attacks do not apply.
It seems like the note is incorrect.
1. http://docs.python.org/library/hmac.html
2. http://www.cryptography.com/cnews/hash.html
3. http://docs.python.org/library/hashlib.html |
|
Date |
User |
Action |
Args |
2009-02-11 00:39:52 | brainsik | set | recipients:
+ brainsik, georg.brandl |
2009-02-11 00:39:52 | brainsik | set | messageid: <1234312792.25.0.547667950303.issue5212@psf.upfronthosting.co.za> |
2009-02-11 00:39:50 | brainsik | link | issue5212 messages |
2009-02-11 00:39:50 | brainsik | create | |
|