[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: replay field size
Phil Karn says:
> Make the replay counters 32 bits for both AH and ESP. Should be plenty
> for any rational key lifetime, and the arithmetic is easier on
> compilers without "long long" data types...
Probably.
> Shorten the SHA-1 hash to 128 bits. Probably won't be any worse than
> MD-5...
Actually, 128 bits of SHA-1 will be much better than 128 bits of MD5,
as it's more resistant to Preneel and van Orschott attack.
--
Regards,
Uri uri@watson.ibm.com
-=-=-=-=-=-=-
<Disclaimer>
References: