[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IV sizes for AES candidates
On Tue, 8 Aug 2000, Sheila Frankel wrote:
> If the consensus of the group is that we should stick with the
> tried-and-true CBC mode, that's fine with us, and the next version of the
> draft will reflect that.
No!!! This is NOT the consensus. At least the counter mode should also
being reconsidered as a standard.
[Somewhere in spring I announced that a draft, coauthored by me and Phil
Rogaway, on counter mode was in works. Unfortunately, by many obstacles it
is still in works, but it will be ready during this month!]
> The only keysize required by the draft is 128 bits; the others are
> optional. We are interested in comments from the list - should the other
> key sizes be mentioned at all? any other comments on the "IKE Interactions"
Other key sizes have no practical benefit at this moment.
> By the way, has anyone else implemented any of the AES candidates in IPsec
> and/or IKE?
I've implemented all AES candidates, but not in context of IPSec.