Interoperability issues using TSIG with HMAC-SHA224
Chris Thompson
cet1 at cam.ac.uk
Mon Jan 11 20:42:16 UTC 2010
On Jan 9 2010, Evan Hunt wrote:
>We've recently found out about an interoperability flaw affecting all the
>HMAC-SHA* algorithms; it affects any key with a secret longer than the
>digest length of the algorithm (which is 28 bytes, for HMAC-SHA224). If
>your secret is longer than that, try a shorter key and see if that works.
Just to clarify, does this also apply to HMAC-MD5 (block size = 64 bytes,
digest size = 16 bytes) ?
--
Chris Thompson
Email: cet1 at cam.ac.uk
More information about the bind-users
mailing list