[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Slicing and dicing

To: Stephen Kent <kent@bbn.com>
Subject: Re: Slicing and dicing
From: "Theodore Y. Ts'o" <tytso@MIT.EDU>
Date: Fri, 12 Sep 1997 17:28:18 -0400
Address: 1 Amherst St., Cambridge, MA 02139
Cc: Cheryl Madson <cmadson@cisco.com>, ipsec@tis.com
In-Reply-To: Stephen Kent's message of Fri, 12 Sep 1997 16:31:27 -0400,<v03102816b03f554fed0a@[128.89.0.110]>
Phone: (617) 253-8091
Sender: owner-ipsec@ex.tis.com


I should I have acknowledged that it was Steve that pointed out to me
that the issue of weak and semi-weak keys really wasn't a big issue in
DES-CBC; my apologies for not pointing this out.  I agree with Steve's
suggestion that ISAKMP have a generic facility for rejecting keying
material if it is deemed to be insecure for some reason.  It would seem
to me that this would simply be a matter of defining a new ISAKMP Notify
Message Error Type:

	WEAK-KEY-REJECTED	27

... and then adding some text in the various encryption algorithm
documents stating that under some circumstances weak keys need to be
rejected using this ISAKMP error.  Given that weak keys are
algorithm-specific, it would seem that this text would have to go in the
encryption algorithm documents.

Would this satisfy folks?

BTW, I'd suggest not including the weak and semi-weak keys, and I'd
suggest NOT referencing Schneier; instead, I'd suggest referencing the
original FIPS documents, since that's much more authoratative, and they
*are* easily available on the web.

						- Ted

References:

Re: Slicing and dicing

From: Stephen Kent <kent@bbn.com>

Prev by Date: Re: Encryption + expansion of ISAKMP packets/payloads
Next by Date: RE: Ordering of payloads
Prev by thread: Re: Slicing and dicing
Next by thread: Re: Slicing and dicing
Index(es):
- Main
- Thread