[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IPv6 Security Last Call Initial Questions
Theodore Ts'o says:
> IP issues aside, what's the strength of CDMF? My understanding of 40
> bit RC4 is that it doesn't give away anything about the NSA's ability to
> crack cyphers. 40-bit RC4 is reportedly quiet easy for anyone to
Let's see - it's 56 bits in, internally weakened to 40. SO overall
strength is 40 bits - but you can't just mount brute-force attack.
But why trust me - look it up and decide for yourself!
> If CDMF is similarily weak, what's the point of using it at all?
Well, it's only 40 bits strong. I don't think it's as weak as 40-bits RC4.
Under today's laws, even this was quite a bitch to get exportable. I can't
see how anything better will be exportable, unless the regulations change.
So if being exportable is your goal - you'll have to balance the security
requirements (yes, DES with subkeys provided by pseudo-random generator is
more secure - but you'll never export it, ever) with your other constrains,
like can you afford a product, that is stuck witnin USA?
My answer to your question would be - I'd use CDMF if being exportable were
more important for me, than being absolutely unbreakable. I realize that it
is impossible to satisfy both under current laws. Sacrifice - you choose.
Uri firstname.lastname@example.org N2RIU