Networking: November 2008 Archives

 

November 20, 2008

Sorry for the blogging slowdown. Some combination of IETF prep, IETF, and what seems to be a severe case of anthrax has cut into my productivity.

My slides for this IETF can be found below:

The first two of these are self-explanatory. The third is a little less so. There's a lot of usage of cryptographic hash functions outside of security context, just because they're good fingerprint functions/checksums, etc. Most people don't really know exactly what the property of CRC is, but (at least they think) they understand MD5 or SHA-1, so they get anchored on it. This probably isn't a great choice. First, you can design much faster hash functions than cryptographic hashes. Second, it's confusing to run into a cryptographic hash in these contexts, especially when the hash is a weak one like MD5. People start asking: what happens now that MD5 is broken? The answer, of course, is nothing, but that takes analysis.

What I think we need is a fast, non-cryptographic hash that is explicitly weak (by the standards of message digests). I'm not saying we need to develop a new hash; I'm no expert but my read of the literature is that plenty of such functions already exist. The community just needs to pick one or two and standardize it so that everyone knows what to use.