Re: is manual keying mandatory

[Daniel Harkins <dharkins@cisco.com>]

  A certain paranoid individual (guess who) once told me that he would trust 
an armed military courier delivering keys created from a known and trusted 
random source more than he would trust the output of a Diffie-Hellman exchange.
There's not many of these people (or maybe there are and I just hang around 
with the wrong crowd) but that's a use of manual keying. 

  The insecurity of manual keying would depend on the implementation and
the general security of the box it's running on.

  Actually, considering that most commercial implementations aren't going
to let buyers look under the hood, paranoia of that sort might not be all
that unfounded. People could cut corners in their random number generator
or lessen the size of their Diffie-Hellman exponential to speed up
exponentiation. If you're really paranoid and/or have extremely sensitive
data to protect and you don't have absolute trust in your vendor then
manual keying might make sense.

  Dan.

> Could somebody planning a *commercial* IPSec implementation which actually
> uses manual keying spend a few minutes and tell us the details of
> transmittal and storage of keys, etc.? Could they also discuss any
> "insecurities" inherent in the problem? Or is manual keying in the spec only
> for diagnostic sorts of images and bakeoffs?

---

Follow-Ups:

• Re: is manual keying mandatory
• From: Bronislav Kavsan <bkavsan@ire-ma.com>

References:

• Re: is manual keying mandatory
• From: Steve Sneddon <sned@cisco.com>

---

• Prev by Date: RE: is manual keying mandatory
• Next by Date: Re: Please review draft-ietf-pppext-l2tp-sec-03.txt
• Prev by thread: Re: is manual keying mandatory
• Next by thread: Re: is manual keying mandatory
• Index(es):
  • Main
  • Thread