[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Size of IV field in DES-CBC mode

To: karn@qualcomm.com
Subject: Re: Size of IV field in DES-CBC mode
From: "Perry E. Metzger" <perry@imsi.com>
Date: Mon, 19 Dec 1994 14:50:09 -0500
Cc: ipsec@ans.net
In-Reply-To: Your message of "Mon, 19 Dec 1994 02:48:13 PST." <199412191048.CAA01748@unix.ka9q.ampr.org>
Reply-To: perry@imsi.com


Phil Karn says:
> Do we really need a full 8 bytes for the IV field in the baseline
> DES-CBC mode?

Well, if you are on a gigabit network, you would run through all
possibilities for only 32 bits of IV very, very fast. Of course, DES
is likely a foolish choice for encrypting any serious traffic, anyway,
but for 3DES it makes sense to have a reasonable sized IV.

Myself, I'd say this should be handled by having a different transform
that handles smaller IVs -- or at least, even if the DES case uses
small IVs the 3DES case should not by default.

Perry

Follow-Ups:

Re: Size of IV field in DES-CBC mode

From: Phil Karn <karn@unix.ka9q.ampr.org>

References:

Size of IV field in DES-CBC mode

From: Phil Karn <karn@unix.ka9q.ampr.org>

Prev by Date: Address as IV [was] Size of IV field in DES-CBC mode
Next by Date: Re: Size of IV field in DES-CBC mode
Prev by thread: Re: Size of IV field in DES-CBC mode
Next by thread: Re: Size of IV field in DES-CBC mode
Index(es):
- Main
- Thread