[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
No Subject
<c=CA%a=_%p=NorTel_Secure_Ne%l=GRANNY-970624114322Z-1618@mail.entrust.com>
From: Greg Carter <greg.carter@entrust.com>
To: "'perry@piermont.com'" <perry@piermont.com>
Cc: "'ipsec@tis.com'" <ipsec@tis.com>
Subject: RE: How to negotiate key length with ISAKMP?
Date: Tue, 24 Jun 1997 07:43:22 -0400
X-Mailer: Microsoft Exchange Server Internet Mail Connector Version
4.0.994.63
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: owner-ipsec@portal.ex.tis.com
Precedence: bulk
>----------
>From: Perry E. Metzger[SMTP:perry@piermont.com]
>Sent: Monday, June 23, 1997 3:48 PM
>To: Rodney Thayer
>Cc: ipsec@tis.com
>Subject: Re: How to negotiate key length with ISAKMP?
>
>
>Rodney Thayer writes:
>> With CAST (and RC5, and ARCFOUR...) we are going to want to negotiate key
>> length.
>
>Not to say that you aren't right about needing to negotiate key
>lengths in general, and certainly with RC4 and RC5, but I believe
>CAST-64 and CAST-128 are really different algorithms, not a single
>algorithm with a variable sized key length.
>
>Perry
>
No they are the same algorithm.
>From the CAST-128 RFC 2144
2.5. Variable Keysize
The CAST-128 encryption algorithm has been designed to allow a key
size that can vary from 40 bits to 128 bits, in 8-bit increments
(that is, the allowable key sizes are 40, 48, 56, 64, ..., 112, 120,
and 128 bits). For variable keysize operation, the specification is
as follows:
....
[SNIP]
....
In order to avoid confusion when variable keysize operation is used,
the name CAST-128 is to be considered synonymous with the name CAST5;
this allows a keysize to be appended without ambiguity. Thus, for
example, CAST-128 with a 40-bit key is to be referred to as CAST5-40;
where a 128-bit key is explicitly intended, the name CAST5-128 should
be used.
----
Greg Carter
Entrust Technologies
carterg@entrust.com
>