Re: [chrony-dev] Support for another crypto hash?

[ Thread Index | Date Index | More chrony.tuxfamily.org/chrony-dev Archives ]

To: chrony-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [chrony-dev] Support for another crypto hash?
From: Ed W <lists@xxxxxxxxxxxxxx>
Date: Tue, 18 Oct 2011 18:48:28 +0100

On 17/10/2011 12:25, Miroslav Lichvar wrote:
> Hi,
>
> currently the only supported hash for NTP and the chrony cmdmon
> protocol is MD5. I'm not sure if the known MD5 weaknesses apply to the
> used MAC, but even if they don't I think it would be good to
> add support for a stronger hash function.
>
> One way would be to pick one and include a code which implements it
> and has a compatible license, similarly to the MD5 code. Would SHA256
> be a good candidate?
>
> Another way would be to use a crypto library like nss (we can't use
> openssl as it's not compatible with GPL) and allow user to select any
> hash supported by the library. 
>

How about libtomcrypt?  Used for dropbear amongst other things.  Public
domain so you can repackage it under any licence you feel fit including GPL

http://libtom.org/?page=features&whatfile=crypt

Regards

Ed W

---
To unsubscribe email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "unsubscribe" in the subject.
For help email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "help" in the subject.
Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.

Follow-Ups:
- Re: [chrony-dev] Support for another crypto hash?
  - From: Bill Unruh
- Re: [chrony-dev] Support for another crypto hash?
  - From: Miroslav Lichvar

References:
- [chrony-dev] Support for another crypto hash?
  - From: Miroslav Lichvar

Messages sorted by: [ date | thread ]
Prev by Date: [chrony-dev] Support for another crypto hash?
Next by Date: Re: [chrony-dev] Support for another crypto hash?
Previous by thread: [chrony-dev] Support for another crypto hash?
Next by thread: Re: [chrony-dev] Support for another crypto hash?

Mail converted by MHonArc 2.6.19+

http://listengine.tuxfamily.org/