RFC 4894 · INFORMATIONAL · 2007
SUN · 14 JUN 2026
Use of Hash Algorithms in Internet Key Exchange and IPsec
Overview
RFC 4894, “Use of Hash Algorithms in Internet Key Exchange and IPsec”, is an Informational document published in May 2007 by P. Hoffman. The canonical text is published by the RFC Editor.
Abstract
This document describes how the IKEv1 (Internet Key Exchange version 1), IKEv2, and IPsec protocols use hash functions, and explains the level of vulnerability of these protocols to the reduced collision resistance of the MD5 and SHA-1 hash algorithms. This memo provides information for the Internet community.
What “Informational” means
Published for the general information of the community. It does not define an IETF standard and carries no standards-track status.
Read this RFC
The canonical text of RFC 4894 is hosted at rfc-editor.org. Available in TXT,HTML.
Other RFCs from 2007
- RFC 4893 BGP Support for Four-octet AS Number Space
- RFC 4895 Authenticated Chunks for the Stream Control Transmission Protocol
- RFC 4892 Requirements for a Mechanism Identifying a Name Server Instance
- RFC 4896 Signaling Compression Corrections and Clarifications
- RFC 4891 Using IPsec to Secure IPv6-in-IPv4 Tunnels
- RFC 4897 Handling Normative References to Standards-Track Documents
- RFC 4890 Recommendations for Filtering ICMPv6 Messages in Firewalls
- RFC 4898 TCP Extended Statistics MIB