[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: DES futile?

To: "William Allen Simpson" <wsimpson@greendragon.com>
Subject: Re: DES futile?
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sat, 21 Jun 1997 16:20:24 -0400
cc: ipsec@tis.com
In-reply-to: Your message of "Sat, 21 Jun 1997 18:46:49 GMT." <6070.wsimpson@greendragon.com>
Reply-To: perry@piermont.com
Sender: owner-ipsec@ex.tis.com

"William Allen Simpson" writes:
> I've read it.  In some retrospect, you are correct; it not only depends
> on the time value of the data, but also the size of the attacker.

Yup.

> Since you are in an industry where a few million $ here and there is no
> problem, you are saying that we need a _basic_ protection against large
> corporations and major governments?
> 
> That is, are you saying we should abandon DES as mandatory?

I don't think so. I personally would prefer 3DES as the mandatory
base, but it is my opinion that this working group isn't ready to do
that. Remember the following: OUR PRIMARY OBJECTIVE IS TO GET THIS
WORKING GROUP FINISHED AND SHUT DOWN. I cannot emphasize that
enough. A battle over 3DES vs. DES as mandatory, would only slow us
down. However, I can't see much resistance to making 3DES
"recommended" and thus that is what I suggest -- so that we don't slow
down our work.

It does a lot for me anyway. If 3DES is "recommended", my clients who
need it will be able to jawbone vendors to get it when they need
it. We can worry about "mandatory" in a few years.

Perry

References:

DES futile?

From: "William Allen Simpson" <wsimpson@greendragon.com>

Prev by Date: Re: A little social engineering
Next by Date: Re: Time value and 56-bit DES [Re: CAST5-128 was: A little socialengineering]
Prev by thread: DES futile?
Next by thread: ICMP must fragment and IPsec
Index(es):
- Main
- Thread