[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: new second mandatory IPsec cipher
At 06:02 PM 7/13/99 +0000, Sandy Harris wrote:
>Rodney Thayer wrote:
>>
>> We've been talking about declaring a second mandatory to implement cipher,
>> or in some way declaring a new second cipher for IPsec. . . .
>
>I don't think it is for IPSEC, though. Blowfish needs extra
>setup time on every key change to generate the random s-boxes.
>Schneier himself says (p 336 AC II):
>
> Blowfish is optimised for applications where the key does
> not change often ... not suitable for applications, such
> as packet switching, with frequent key changes...
After you consider all the heavy lifting required for IPsec/IKE, I don't think
Blowfish setup time is really an issue. I also don't buy the "it takes a
lot of
memory per context" argument, myself, but there are memory-challenged
implementations where this is an issue.
Follow-Ups:
References: