HMAC-MD5-96

HMAC-MD5-96

Also known as HMAC-MD5 (RFC 1321), this hashing technique is based on MD5 developed by Ronald Rivest of MIT and RSA Data Security Incorporated. HMAC-MD5 uses a 128-bit secret key to produce a 128-bit authenticator value. Once produced, the 128-bit value is truncated to only the first 96 bits and stored in the AH or ESP authenticator field of the new packet. At the destination peer, the 128-bit authenticator value is computed and the first 96 bits are compared to the value stored in the authenticator field.

While the MD5 algorithm used alone was found vulnerable to collision search attacks and other known weaknesses, the vulnerability doesn’t impact HMAC-MD5.