[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Slicing and dicing

To: karn@qualcomm.com, tytso@MIT.EDU
Subject: Re: Slicing and dicing
From: jim@mentat.com (Jim Gillogly)
Date: Fri, 12 Sep 97 09:56:27 PDT
Cc: karl@Ascend.COM, rodney@sabletech.com, ipsec@tis.com
Sender: owner-ipsec@ex.tis.com

Phil Karn sez:
>    How likely are we to generate a weak key by random accident? Is it
>    worth worrying about?

Ted T'so responds:
...
> Note that this is also only a problem if we some how end up
> re-encrypting the encrypted packet again, such as in applications where
> you might be using two layers of ESP for some reason.  In those cases,
> the probability of trouble would be (20 * 2**-56 * 2**-56 * 20**-64), or
> (20 * 2**-176), or 2 * 10**-52.

Putting this in perspective, there are about pi * 10^7 seconds per year,
so if everybody on earth (10^10, in round numbers) were changing keys 10^10
times per second, somebody would expose a stream once in 10^25 years.

I think I can live with that.

	Jim Gillogly

Prev by Date: Re: Slicing and dicing
Next by Date: Re: Slicing and dicing
Prev by thread: Re: Slicing and dicing
Next by thread: Certification/Endpoint Identification
Index(es):
- Main
- Thread