Skip to main content

SeND Hash Threat Analysis

Document Type Replaced Internet-Draft (individual)
Expired & archived
Authors Ana Kukec , Suresh Krishnan , Sheng Jiang
Last updated 2008-10-27 (Latest revision 2008-07-01)
Replaced by draft-ietf-csi-hash-threat
RFC stream (None)
Intended RFC status (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Replaced by draft-ietf-csi-hash-threat
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


This document analysis the use of hashes in SeND, possible threats and the impact of recent attacks on hash functions used by SeND. Current SeND specification [rfc3971] uses SHA-1 [sha-1] hash algorithm and PKIX certificates [rfc3280] and does not provide support for the hash algorithm agility. Based on previous analysis, this document suggests multiple hash support that should be included in the SeND update specification.


Ana Kukec
Suresh Krishnan
Sheng Jiang

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)