[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
starting on asking THE QUESTION
I am sitting here in saag trying to capture Jeff's cypher question.
Here is the pertinent part of 2406
5. Conformance Requirements
Implementations that claim conformance or compliance with this
specification MUST implement the ESP syntax and processing described
here and MUST comply with all requirements of the Security
Architecture document. If the key used to compute an ICV is manually
distributed, correct provision of the anti-replay service would
require correct maintenance of the counter state at the sender, until
the key is replaced, and there likely would be no automated recovery
provision if counter overflow were imminent. Thus a compliant
implementation SHOULD NOT provide this service in conjunction with
SAs that are manually keyed. A compliant ESP implementation MUST
support the following mandatory-to-implement algorithms:
- DES in CBC mode [MD97]
- HMAC with MD5 [MG97a]
- HMAC with SHA-1 [MG97b]
- NULL Authentication algorithm
- NULL Encryption algorithm
It seems that there is some level of concensus for:
Drop DES
Make 3DES as manditory
There is a debate on the need or advisablity of a 2nd manditory
SO PROPOSED QUESTION # 1
1a) Should a 2nd MUST cipher be added to 2406
1b) Shoud a SHOULD cipher be added to 2406
PROPOSED QUESTION # 2
Should we make the change to the standard (other than switch from DES to 3DES)
2a) This Year
2b) Next Year
PROPOSED QUESTION #3
Should the 2nd cipher be:
3a) An existing non-DES cipher
3b) One of the 5 AES finalists
We will discuss these questions before I call for straw votes to me and Ted.
Robert Moskowitz
ICSA
Security Interest EMail: rgm-sec@htt-consult.com
Follow-Ups: