Multiple keys/methods per key exchange (e.g. multi-md5-sha1-md4 at libssh.org) Re: [PATCH] curve25519-sha256 at libssh.org key exchange proposal
Christian Weisgerber
naddy at mips.inka.de
Thu Sep 26 01:40:44 EST 2013
Roland Mainz <roland.mainz at nrubsig.org> wrote:
> Is it useful to combine multiple hash algorithms/methods for a key exchange?
>
> The idea would be to use something like "md5" and "sha1" in a key
> exchange (and append the hash sums) ... individually they are
> obsolete and more or less cracked or have serious weaknesses, but if
> the hash sums are combined (e.g. appended... *NOT* XOR'ed !) it would
> be near impossible to exploit the known weaknesses for reasonably
> small data.
In general, this is not a good idea, see
Antoine Joux, "Multicollisions in iterated hash functions. Application
to cascaded constructions"
http://www.iacr.org/cryptodb/archive/2004/CRYPTO/1472/1472.pdf
--
Christian "naddy" Weisgerber naddy at mips.inka.de
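
The argument of the cited paper, as an added example that is not part of the original message: for two iterated hashes F and G, a collision for the concatenation F(m) || G(m) costs roughly T*2^(n/2) + 2^T evaluations instead of the 2^n one would expect from a 2n-bit digest. F and G here are constructed 20-bit toy hashes built from truncated SHA-256 (an assumption made so the search finishes in well under a second); they stand in for the two hashes being appended.

```python
import hashlib
from itertools import count, product

BITS = 20    # toy digest size per hash; real MD5/SHA-1 are 128/160 bits
T = 13       # chained block collisions -> 2**T messages colliding under F

def compress(tag, state, block):
    """Toy compression function: truncated SHA-256 of tag, chaining value, block."""
    d = hashlib.sha256(tag + state.to_bytes(3, "big") + block).digest()
    return int.from_bytes(d[:3], "big") >> (24 - BITS)

def md_hash(tag, blocks, state=0):
    """Iterated (Merkle-Damgard style) hash over a sequence of 4-byte blocks."""
    for b in blocks:
        state = compress(tag, state, b)
    return state

def block_collision(tag, state):
    """Birthday search: two distinct blocks taking `state` to the same next state."""
    seen = {}
    for i in count():
        b = i.to_bytes(4, "big")
        nxt = compress(tag, state, b)
        if nxt in seen:
            return seen[nxt], b, nxt
        seen[nxt] = b

def joux_collision():
    """Collision for F(m) || G(m) in about T*2^(BITS/2) + 2^T evaluations."""
    state, pairs = 0, []
    for _ in range(T):                  # step 1: 2**T-multicollision in F
        b0, b1, state = block_collision(b"F", state)
        pairs.append((b0, b1))
    seen = {}
    for choice in product(*pairs):      # step 2: birthday search in G, only over
        g = md_hash(b"G", choice)       # messages that already collide under F
        if g in seen:
            return seen[g], choice
        seen[g] = choice
    return None

def combined(blocks):
    """The appended digest pair that the quoted proposal relies on."""
    return (md_hash(b"F", blocks), md_hash(b"G", blocks))

if __name__ == "__main__":
    m1, m2 = joux_collision()
    print(m1 != m2, combined(m1) == combined(m2))
```

All 2**T candidate messages have the same length, so adding length padding to the toy hashes would not change the outcome.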