[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Incorporation of AES into IPSec

To: Tero Kivinen <kivinen@ssh.fi>
Subject: Re: Incorporation of AES into IPSec
From: jerome@psti.com
Date: Mon, 6 Dec 1999 14:04:07 -0500
Cc: Mark Shuttleworth <marks@thawte.com>, ipsec@lists.tislabs.com
In-Reply-To: <199912061848.UAA09410@torni.ssh.fi>; from Tero Kivinen on Mon, Dec 06, 1999 at 08:48:05PM +0200
References: <384BD0FE.35DF2320@thawte.com> <19991206115932.A26797@jerome.psti.com> <199912061848.UAA09410@torni.ssh.fi>
Reply-To: jerome@psti.com
Sender: owner-ipsec@lists.tislabs.com

On Mon, Dec 06, 1999 at 08:48:05PM +0200, Tero Kivinen wrote:
> jerome@psti.com writes:
> > > If you were wanting to protect
> > > data for 50 years, would 3DES be good enough?
> > it's hard to do prediction over so long time, but 3DES has a 168bits key.
> > it is safe against a brute force attack. A cryptanalitic breakthrough
> 
> No, 3DES do NOT have 168 bits of strength.

that's why i said a key of 168bits and not a strengh.

> Its effective strength is 112 bits, if you have 2^56 blocks of memory. 

Ok, but 2^56 blocks of memory (2^29 GB) is a lot and is unlikely 
to be acceed fast enougth to performed 2^112 search in it in a
reasonnable time.
Moreover such amount of memory is harder to paralize than cpu-only
brute force, so it will be shared by several cpus, creating lock
problems and slowing down the overall search.

References:

Re: Incorporation of AES into IPSec

From: Mark Shuttleworth <marks@thawte.com>

Re: Incorporation of AES into IPSec

From: jerome@psti.com

Re: Incorporation of AES into IPSec

From: Tero Kivinen <kivinen@ssh.fi>

Prev by Date: Re: Incorporation of AES into IPSec
Next by Date: Re: IPSec SA DELETE in "dangling" implementation
Prev by thread: Re: Incorporation of AES into IPSec
Next by thread: Re: Incorporation of AES into IPSec
Index(es):
- Main
- Thread