[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Proposed message on perfect forward security

To: Danny.Nessett@eng.sun.com
Subject: Re: Proposed message on perfect forward security
From: Phil Karn <karn@unix.ka9q.ampr.org>
Date: Tue, 14 Mar 1995 02:48:34 -0800
Cc: ipng@sunroof.eng.sun.com, ipsec@ans.net
In-Reply-To: <199503071827.AA21100@interlock.ans.net> (Danny.Nessett@Eng.Sun.COM)

>On the other hand, many other applications have no strong requirement for
>perfect forward security. Examples of these fall generally into that class

But this is not an argument against mechanisms that do provide perfect
forward secrecy unless you can *prove* that the extra cost is
unacceptable. As CPUs get faster, the authors of modexp routines get
smarter, and the IPSEC group gets older, I find it increasing hard to
justify developing lots of different algorithms.  I'd much prefer to
do one for the most general case and leave it at that.

Phil

References:

Proposed message on perfect forward security

From: Danny.Nessett@eng.sun.com (Dan Nessett)

Prev by Date: Re: WG last call for IPv4 AH and ESP
Next by Date: MD5 hash calculation
Prev by thread: Proposed message on perfect forward security
Next by thread: Re: Proposed message on perfect forward security
Index(es):
- Main
- Thread