[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Incorporation of AES into IPSec

To: Thilo Rusche <Thilo_Rusche@public.uni-hamburg.de>
Subject: Re: Incorporation of AES into IPSec
From: "Steven M. Bellovin" <smb@research.att.com>
Date: Sun, 05 Dec 1999 11:53:24 -0500
Cc: ipsec@lists.tislabs.com
Sender: owner-ipsec@lists.tislabs.com

In message <384A9711.C4C82DF9@public.uni-hamburg.de>, Thilo Rusche writes:
> Hi,
> 
> are there any plans to make AES, once it has been standardized, a
> required algorithm for ESP? And if not, when will DES be replaced with
> something more secure as the mandatory encryption algorithm? Any
> pointers to appropriate readings would be appreciated.
> 
This has been discussed extensively.  AES isn't ready yet, and won't be 
announced till ~August.  We can't standardize something that doesn't exist.  
It's an open question when it will be considered trustworthy enough.  For now, 
make sure your code is AES-ready (larger key sizes and larger block sizes), 
and use 3DES.

		--Steve Bellovin

Follow-Ups:

Re: Incorporation of AES into IPSec

From: Mark Shuttleworth <marks@thawte.com>

Prev by Date: Incorporation of AES into IPSec
Next by Date: Re: IPSec SA DELETE in "dangling" implementation
Prev by thread: Incorporation of AES into IPSec
Next by thread: Re: Incorporation of AES into IPSec
Index(es):
- Main
- Thread