[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

No Subject

From: Greg Carter <greg.carter@entrust.com>
To: "'perry@piermont.com'" <perry@piermont.com>
Cc: "'ipsec@tis.com'" <ipsec@tis.com>
Subject: RE: How to negotiate key length with ISAKMP? 
Date: Tue, 24 Jun 1997 07:43:22 -0400
X-Mailer:  Microsoft Exchange Server Internet Mail Connector Version
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: owner-ipsec@portal.ex.tis.com
Precedence: bulk

>From: 	Perry E. Metzger[SMTP:perry@piermont.com]
>Sent: 	Monday, June 23, 1997 3:48 PM
>To: 	Rodney Thayer
>Cc: 	ipsec@tis.com
>Subject: 	Re: How to negotiate key length with ISAKMP? 
>Rodney Thayer writes:
>> With CAST (and RC5, and ARCFOUR...) we are going to want to negotiate key
>> length.
>Not to say that you aren't right about needing to negotiate key
>lengths in general, and certainly with RC4 and RC5, but I believe
>CAST-64 and CAST-128 are really different algorithms, not a single
>algorithm with a variable sized key length.
No they are the same algorithm.

>From the CAST-128 RFC 2144

   2.5. Variable Keysize

   The CAST-128 encryption algorithm has been designed to allow a key 
   size that can vary from 40 bits to 128 bits, in 8-bit increments 
   (that is, the allowable key sizes are 40, 48, 56, 64, ..., 112, 120, 
   and 128 bits).  For variable keysize operation, the specification is 
   as follows:
   In order to avoid confusion when variable keysize operation is used, 
   the name CAST-128 is to be considered synonymous with the name CAST5;
   this allows a keysize to be appended without ambiguity.  Thus, for 
   example, CAST-128 with a 40-bit key is to be referred to as CAST5-40;
   where a 128-bit key is explicitly intended, the name CAST5-128 should
   be used.

Greg Carter
Entrust Technologies