[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Incorporation of AES into IPSec
In message <384A9711.C4C82DF9@public.uni-hamburg.de>, Thilo Rusche writes:
> Hi,
>
> are there any plans to make AES, once it has been standardized, a
> required algorithm for ESP? And if not, when will DES be replaced with
> something more secure as the mandatory encryption algorithm? Any
> pointers to appropriate readings would be appreciated.
>
This has been discussed extensively. AES isn't ready yet, and won't be
announced till ~August. We can't standardize something that doesn't exist.
It's an open question when it will be considered trustworthy enough. For now,
make sure your code is AES-ready (larger key sizes and larger block sizes),
and use 3DES.
--Steve Bellovin
Follow-Ups: