[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

starting on asking THE QUESTION



I am sitting here in saag trying to capture Jeff's cypher question.

Here is the pertinent part of 2406

5.  Conformance Requirements

   Implementations that claim conformance or compliance with this
   specification MUST implement the ESP syntax and processing described
   here and MUST comply with all requirements of the Security
   Architecture document.  If the key used to compute an ICV is manually
   distributed, correct provision of the anti-replay service would
   require correct maintenance of the counter state at the sender, until
   the key is replaced, and there likely would be no automated recovery
   provision if counter overflow were imminent.  Thus a compliant
   implementation SHOULD NOT provide this service in conjunction with
   SAs that are manually keyed.  A compliant ESP implementation MUST
   support the following mandatory-to-implement algorithms:

             - DES in CBC mode [MD97]
             - HMAC with MD5 [MG97a]
             - HMAC with SHA-1 [MG97b]
             - NULL Authentication algorithm
             - NULL Encryption algorithm


It seems that there is some level of concensus for:

Drop DES
Make 3DES as manditory

There is a debate on the need or advisablity of a 2nd manditory

SO PROPOSED QUESTION # 1

1a)	Should a 2nd MUST cipher be added to 2406
1b)	Shoud a SHOULD cipher be added to 2406


PROPOSED QUESTION # 2

Should we make the change to the standard (other than switch from DES to 3DES)

2a)	This Year
2b)	Next Year


PROPOSED QUESTION #3

Should the 2nd cipher be:

3a)	An existing non-DES cipher
3b)	One of the 5 AES finalists


We will discuss these questions before I call for straw votes to me and Ted.


Robert Moskowitz
ICSA
Security Interest EMail: rgm-sec@htt-consult.com


Follow-Ups: