[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Generic CBC-MAC specification



Theodore Y. Ts'o writes:

> So, the main question before us is not that of security, but of
> interoperability, with apparently more than one documented way of a
> CBC-MAC.  Question: has anyone actually implemented 3DES-CBC-MAC as a
> PRF to be used in ISAKMP/Oakley?  If so, how did you do it?  The FIPS-81
> way, or X9.19 way?

I have implemented it, and done it the FIPS-81 way.  However, I have no
problem dropping it, partly because I'm not comfortable with it and
partly because it requires a lot of extra code to support.  I will be
more than happy to demonstrate a very peculiar result of using it as
your prf at the workshop.


ben



References: