flak rss random

secure email hashing

Received an email this morning about a package containing a large amount of cash being held by DHL (yippee!). As befits important email of a security sensitive nature, they tried to sign the message, or at least I think that’s what they were trying to do.

To: tedu@cvs.openbsd.org, hmac-ripemd160-etm@openssh.com

While it’s comforting to see that they chose the more secure encrypt-then-mac construction, RIPEMD-160 is hardly cutting edge. As such, I’m not sure I can trust this message.

Posted 23 Mar 2014 21:21 by tedu Updated: 23 Mar 2014 21:21