[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: 3DES with 40-bit key?

To: Ari.Huttunen@lmf.ericsson.se
Subject: Re: 3DES with 40-bit key?
From: Paul Koning <pkoning@xedia.com>
Date: Tue, 30 Mar 1999 14:51:07 -0500
Cc: ipsec@lists.tislabs.com
References: <199903292253.AAA01321@waldorf.appli.se><37010ED1.655EE5EC@lmf.ericsson.se>
Sender: owner-ipsec@lists.tislabs.com

>>>>> "Ari" == Ari Huttunen <Ari.Huttunen@lmf.ericsson.se> writes:

 Ari> Actually I was thinking more of only allowing single-DES in the
 Ari> re-exported version and variable keylength algorithms with the
 Ari> length limited to 56 bits. This might not be very interoperable,
 Ari> particularly if our our implementation is the responding side,
 Ari> but at least it's exactly what it claims to be.

 Ari> I would very much prefer an interoperable way to limit the
 Ari> keysize, something that is controllable with the security
 Ari> policy. The default policy might be to not allow watered down
 Ari> cryptography, and the customer would have to specifically allow
 Ari> it.

I think you're all set then.

DES has 56 bit keys.  With variable length key systems, you can select 
the keylength.  So the protocol allows what you need.  (There is no
way to say "3DES with 56 bit keys"; if that's what you mean then you
ask for it by saying "DES".)

As for policy, management of policy isn't currently standardized and
in any case is a local matter, so you can already have your
implementation do what it needs to.

	paul

References:

Re: 3DES with 40-bit key?

From: Niklas Hallqvist <niklas@appli.se>

Re: 3DES with 40-bit key?

From: Ari Huttunen <Ari.Huttunen@lmf.ericsson.se>

Prev by Date: Re: IPSec - Mobile IP users...
Next by Date: Re: Quick Mode and resistance to related-key cryptanalysis
Prev by thread: Re: 3DES with 40-bit key?
Next by thread: RE: 3DES with 40-bit key?
Index(es):
- Main
- Thread