[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: IPSEC WORKING GROUP LAST CALL



The <draft-ietf-ipsec-ciph-cbc-01.txt> document already defines blowfish
as using a key length of between 40 and 448 bits.  RC5 and CAST may also
use 40 bits.  The question is do we want to modify the DES cipher
document to include variable key lengths (40 and 56 bits) ?

>-----Original Message-----
>From:	Daniel Harkins [SMTP:dharkins@cisco.com]
>Sent:	Friday, February 20, 1998 2:29 PM
>To:	Theodore Y. Ts'o
>Cc:	Robert Moskowitz; adams@cisco.com; perry@piermont.com; ipsec@tis.com
>Subject:	Re: IPSEC WORKING GROUP LAST CALL 
>
>As Bob said, how to weaken the key is well known but I figured a CBC-MAC
>was well known and that apparently is not the case. We need documents
>describing things and there is no document describing "40 bit DES" (maybe
>there's some weird gov't document that I'm not aware of). Since DES does 
>not use a variable length key-- "40 bit DES" uses and 8 byte key the same 
>as "56 bit DES"-- it is not appropriate to negotiate DES with the key length 
>attribute set to 40. So I think "40 bit DES" is out.
>
>Perhaps a compromise between the two camps is to add another document to 
>the pile that will allow people who happen to live in a country with export
>regulations to export an IPSec implementation. That would be some document
>that describes a variable length cipher, which means RC4 or Blowfish.
>Personally, I'd prefer Blowfish.
>
>How does this sound? We (the IPSec WG) are not tacitly endorsing this
>insane policy our gov't (and Israel's gov't and Russia's gov't and France's
>gov't and .... ) has, yet we're giving people whose livelihood depends on 
>being able to sell product to continue to be gainfully employed and producing
>something useful and secure (in addition to the weak exportable product). 
>
>  Dan.
>