
Re: key processing for manual and dynamic SA



The standard representation for DES keys is as 64 bit values, with the 
byte parity in the low order bit of each byte.

The only sensible approach I can see for dealing with the parity bit
is to ignore it.  If the DES implementation requires valid parity
(I've never seen one that does) then the software can invisibly supply 
the correct parity from the user supplied key.

Passing just 56 bits as 14 hex digits does not strike me as a good
approach, because it goes against well established precedent.

As for dynamic keying and weak keys, there's an explicit list of weak
keys to check for and a rule for how to deal with that.  There are
other keys ("possibly weak" in Schneier) in DES that you may or may not 
want to check for, as well as weak keys for other algorithms (IDEA,
Blowfish).  Since the spec doesn't explicitly require checking for
those, you can't use a "move one byte and try again" approach.
Instead, if you want to refuse such keys, the only method I can see
that works is to negotiate another key (as if this key had already
expired).

	paul
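The key-handling conventions discussed in the message above (64-bit DES keys with the parity bit in the low-order bit of each byte, silently supplying correct parity from a user-supplied key, the alternative 14-hex-digit 56-bit form, and the explicit weak/semi-weak key list), as an added example that is not part of the original post and not anyone's IPsec implementation. The key tables are the four weak and twelve semi-weak DES keys from FIPS 74 / Schneier, written with odd parity; the function names are this example's own.

```python
"""DES key processing: parity handling, 56/64-bit forms, weak-key check.

Added example, not code from the original mailing-list post.  Function
names and the dict returned by classify_des_key() are this example's
own choices.
"""

# Standard DES weak keys (FIPS 74 / Schneier), 64-bit form with odd parity.
WEAK_KEYS = [bytes.fromhex(h) for h in (
    "0101010101010101", "FEFEFEFEFEFEFEFE",
    "E0E0E0E0F1F1F1F1", "1F1F1F1F0E0E0E0E",
)]

# Semi-weak key pairs: each key's subkey schedule is the other's reversed.
SEMI_WEAK_KEYS = [bytes.fromhex(h) for h in (
    "01FE01FE01FE01FE", "FE01FE01FE01FE01",
    "1FE01FE00EF10EF1", "E01FE01FF10EF10E",
    "01E001E001F101F1", "E001E001F101F101",
    "1FFE1FFE0EFE0EFE", "FE1FFE1FFE0EFE0E",
    "011F011F010E010E", "1F011F010E010E01",
    "E0FEE0FEF1FEF1FE", "FEE0FEE0FEF1FEF1",
)]


def _odd_parity_byte(b: int) -> int:
    """Return b with its low-order bit set so the byte has odd parity.

    Only the 7 high-order bits are key material; the low bit is parity.
    """
    high = b & 0xFE
    ones = bin(high).count("1")
    return high | (0 if ones % 2 else 1)


def set_odd_parity(key: bytes) -> bytes:
    """Invisibly supply correct parity for a user-supplied 8-byte key."""
    if len(key) != 8:
        raise ValueError("DES key must be 8 bytes (64 bits)")
    return bytes(_odd_parity_byte(b) for b in key)


def has_odd_parity(key: bytes) -> bool:
    """True if every byte already carries odd parity."""
    return key == set_odd_parity(key)


def strip_parity(key: bytes) -> bytes:
    """Clear the parity bits so keys compare on the 56 key bits only."""
    return bytes(b & 0xFE for b in key)


def key_from_56bit_hex(hex14: str) -> bytes:
    """Expand a 14-hex-digit (56-bit) key into the 64-bit parity form."""
    if len(hex14) != 14:
        raise ValueError("56-bit DES key must be exactly 14 hex digits")
    v = int(hex14, 16)
    out = []
    for i in range(8):
        seven = (v >> (49 - 7 * i)) & 0x7F  # next 7 key bits, MSB first
        out.append(_odd_parity_byte(seven << 1))
    return bytes(out)


def key_to_56bit_hex(key: bytes) -> str:
    """Collapse a 64-bit key to its 56 key bits as 14 upper-case hex digits."""
    if len(key) != 8:
        raise ValueError("DES key must be 8 bytes (64 bits)")
    v = 0
    for b in key:
        v = (v << 7) | (b >> 1)
    return f"{v:014X}"


def classify_des_key(key: bytes) -> dict:
    """Normalize parity and classify the key as 'weak', 'semi-weak' or 'ok'.

    The comparison ignores parity bits, so a user key that differs from a
    listed weak key only in its parity bits is still rejected.
    """
    normalized = set_odd_parity(key)
    k = strip_parity(normalized)
    if any(k == strip_parity(w) for w in WEAK_KEYS):
        status = "weak"
    elif any(k == strip_parity(w) for w in SEMI_WEAK_KEYS):
        status = "semi-weak"
    else:
        status = "ok"
    return {"key": normalized, "parity_ok": normalized == key, "status": status}


if __name__ == "__main__":
    # Constructed inputs: an all-zero user key (bad parity, weak once fixed)
    # and the FIPS example key, which already has odd parity.
    for k in (bytes(8), bytes.fromhex("0123456789ABCDEF")):
        r = classify_des_key(k)
        print(r["key"].hex().upper(), r["parity_ok"], r["status"])
```

Note that the weak-key comparison is done on the 56 key bits after parity normalization, which is the only comparison that makes sense once the parity bit is treated as ignorable: a key entered as all zero bytes is the weak key 0101010101010101 in every respect that matters to the cipher.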

