Re: IKE entropy issues with long keys

["Hilarie Orman" <HORMAN@novell.com>]

The AES requirements have more to do with cryptanalysis than brute
force key search.   The real enemy of 128 bits is quantum computers*.

Hilarie

*Everytime someone writes "quantum computer" it seems to validate
the idea that there is or could be a quantum computer.  That's
not the intent of my use of the term. 

>>> Wes Hardaker <wes@hardakers.net> 02/05/01 10:45AM >>>
>>>>> On Fri, 2 Feb 2001 17:53:13 -0500, "Andrew Krywaniuk" <andrew.krywaniuk@alcatel.com> said:

Andrew> Wes, some of these issues have been discussed recently on this list.

Andrew> See: http://www.vpnc.org/ietf-ipsec/mail-archive/msg01288.html 
Andrew> and: http://www.vpnc.org/ietf-ipsec/mail-archive/msg01817.html 

Andrew> and the discussions surrounding them.

I wasn't suggesting the problem be solved (since its too late).  It
should, IMHO, be at least mentioned in the documents even if the
problem itself is ignored and not solved.

Also, IMHO, The "2^128 is large enough" response is a silly one.  If
that were true, we wouldn't bother developing new algorithms with
longer key lengths.  The AES requirements required longer key lengths
for a reason.  Currently unknown attacks may reduce the functional key
space of an algorithm to something that is computationally feasible.
-- 
Wes Hardaker
NAI Labs
Network Associates

---

Follow-Ups:

• Re: IKE entropy issues with long keys
• From: Wes Hardaker <wes@hardakers.net>

---

• Prev by Date: Re: IKE entropy issues with long keys
• Next by Date: Again with another doubt!
• Prev by thread: Re: IKE entropy issues with long keys
• Next by thread: Re: IKE entropy issues with long keys
• Index(es):
  • Main
  • Thread