[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sip] Good Hash: draft-ietf-sip-fork-loop-fix-03

To: Robert Sparks <rjsparks at estacado.net>
Subject: Re: [Sip] Good Hash: draft-ietf-sip-fork-loop-fix-03
From: Eric Rescorla <ekr at networkresonance.com>
Date: Wed, 11 Oct 2006 13:53:44 -0700
Cc: Cullen Jennings <fluffy at cisco.com>, SIP <sip at ietf.org>, Michael Thomas <mat at cisco.com>, Pete Cordell <pete at tech-know-ware.com>, Dean Willis <dean.willis at softarmor.com>
In-reply-to: <ADC45BD5-8E19-4F44-8407-F69CFAED9F74@estacado.net> (Robert Sparks's message of "Wed, 11 Oct 2006 13:16:21 -0500")
List-help: <mailto:sip-request@ietf.org?subject=help>
List-id: Session Initiation Protocol <sip.ietf.org>
List-post: <mailto:sip@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=unsubscribe>
References: <0J5L00L28GI2JL40@jes-fe2.zx.nl> <9102F009-D9C4-4C18-8670-C95F2E98867E@cisco.com> <4522AA1F.4040604@softarmor.com> <683BA38E-E7D4-436C-B964-9B9D6775B827@estacado.net> <99BBB4C6-14B7-40FE-BE90-02899428A540@cisco.com> <1207432B-5F09-4B2E-B14A-CC2CCC628878@estacado.net> <D5C3F54F-F7FC-4A48-9F31-9DD2DAA8FC31@cisco.com> <4523FEEF.1080501@cisco.com> <61797775-A54C-4947-9F69-9C18D69947CC@cisco.com> <45248E06.305@cisco.com> <ADC45BD5-8E19-4F44-8407-F69CFAED9F74@estacado.net>
Reply-to: EKR <ekr at networkresonance.com>
User-agent: Gnus/5.1007 (Gnus v5.10.7) XEmacs/21.4.19 (berkeley-unix)

Robert Sparks <rjsparks at estacado.net> writes:

> So, I read this to say the proposed recommendation of CRC32 as
> specified in rfc3309 is ok to go forward with.

I think this is fine.

> Based on the discussion, I think I will also point out that MD5 can
> be used (and has been used in the past),
> that its use would rely only on its collision properties, not any
> cryptographic properties, and point out that it
> is much slower than the alternative above.
>
> Any objection?

No to the choice of CRC32, but yes to the language you suggest
above. Collision-resistance is a technical term in cryptography,
the text above is quite confusing. 

Informally, the property you want is that two hashes of the
input values have a 2^(-b) chance of having the same hash
value. Formalizing this turns out to be a really knotty problem
especially if you assume (as is true in this case) that the
input strings are non-uniform. (universal hashing is one 
way around this problem).

Anyway, I think the correct language ought to be something
like this:

   A common way to create the second part of the branch parameter
   value when forking a request is to compute a hash over the
   concatenation of the Request-URI, any Route header field values
   used during processing the request and any other values used by the
   location service logic while processing this request. The hash
   should be chosen so that there is a low probability that two
   distinct sets of these parameters will collide. Because the maximum
   number of messages which need to be compared is 70 [is this right],
   the chance of a collision is low even with a relatively small hash
   value, such as 32 bits. CRC-32 [REF] is a specific acceptable
   function, as is MD5 [REF].  Note that MD5 is being chosen purely
   for non-cryptographic properties.  An attacker who can control the
   inputs in order to produce a hash collision can attack the
   connection in a variety of other ways.

-Ekr

_______________________________________________
Sip mailing list  https://www1.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors at cs.columbia.edu for questions on current sip
Use sipping at ietf.org for new developments on the application of sip

Follow-Ups:
- Re: [Sip] Good Hash: draft-ietf-sip-fork-loop-fix-03
  - From: Michael Thomas
- Re: [Sip] Good Hash: draft-ietf-sip-fork-loop-fix-03
  - From: Robert Sparks

References:
- RE: [Sip] Good Hash: draft-ietf-sip-fork-loop-fix-03
  - From: Jeroen Van Bemmel
- Re: [Sip] Good Hash: draft-ietf-sip-fork-loop-fix-03
  - From: Cullen Jennings
- Re: [Sip] Good Hash: draft-ietf-sip-fork-loop-fix-03
  - From: Dean Willis
- Re: [Sip] Good Hash: draft-ietf-sip-fork-loop-fix-03
  - From: Robert Sparks
- Re: [Sip] Good Hash: draft-ietf-sip-fork-loop-fix-03
  - From: Cullen Jennings
- Re: [Sip] Good Hash: draft-ietf-sip-fork-loop-fix-03
  - From: Robert Sparks
- Re: [Sip] Good Hash: draft-ietf-sip-fork-loop-fix-03
  - From: Cullen Jennings
- Re: [Sip] Good Hash: draft-ietf-sip-fork-loop-fix-03
  - From: Michael Thomas
- Re: [Sip] Good Hash: draft-ietf-sip-fork-loop-fix-03
  - From: Cullen Jennings
- Re: [Sip] Good Hash: draft-ietf-sip-fork-loop-fix-03
  - From: Michael Thomas
- Re: [Sip] Good Hash: draft-ietf-sip-fork-loop-fix-03
  - From: Robert Sparks

Prev by Date: RE: [Sip] RE: Rejecting connected identity (was RE: draft-ietf-si p-connecte d-id entity-01 comments)
Next by Date: Re: [Sip] Good Hash: draft-ietf-sip-fork-loop-fix-03
Previous by thread: Re: [Sip] Good Hash: draft-ietf-sip-fork-loop-fix-03
Next by thread: Re: [Sip] Good Hash: draft-ietf-sip-fork-loop-fix-03
Index(es):
- Date
- Thread