Eric S. Raymond
esr at thyrsus.com
Fri Jan 5 22:01:57 UTC 2018
Kurt Roeckx <kurt at roeckx.be>:
> So I want to clarify this a little. As far as I know MD5 is actually
> broken for preimage resistance, but it's only slightly faster than
> bruce force. For SHA-1 it's only a reduced version that's broken. In
> the long run you should not trust them, but I don't think there is a
> reason to panic (if only preimage resistance is important).
> I have no idea how it's used in NTP. But I understand it's some
> kind of shared password? You should clearly look in how it's being
> used and if that actually makes sense. Maybe it needs more than
> just replacing the hash algorithm.
I'm not fully qualified to do that audit. Daniel Franke is.
Daniel? Can we get an opinion from our expert?
<a href="http://www.catb.org/~esr/">Eric S. Raymond</a>
My work is funded by the Internet Civil Engineering Institute: https://icei.org
Please visit their site and donate: the civilization you save might be your own.
More information about the devel