[EXTERNAL] Re: MD5 and FIPS
Jordan Brown
openssl at jordan.maileater.net
Thu Feb 2 00:46:32 UTC 2023
In a FIPS-140 environment:
Can you use CRC32?
Can you use a 16-bit ones' complement checksum?
Can you use parity?
Can you calculate credit card check digits?
It seems to me that at this point MD5 should be in the same category as
those non-cryptographic checksums.
It's a checksum algorithm. It's not secure. You must not use it for
security-sensitive purposes. But that shouldn't mean that you can't use it.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20230201/936943ab/attachment.htm>
More information about the openssl-users
mailing list