[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IKE entropy issues with long keys

To: <wes@hardakers.net>
Subject: Re: IKE entropy issues with long keys
From: "Hilarie Orman" <HORMAN@novell.com>
Date: Mon, 05 Feb 2001 18:33:25 -0700
Cc: <ipsec@lists.tislabs.com>
Sender: owner-ipsec@lists.tislabs.com

This bit-halving computation sounds interesting.

Beyond that, I think you are trying to conflate two independent
issues.  Cryptanalysis can lead to ways to attack a cipher
that are less effort than brute force key search, but this
doesn't mean that it is necessary to add more entropy to
the key.

Hilarie

>>> Wes Hardaker <wes@hardakers.net> 02/05/01 05:51PM >>>
>>>>> On Mon, 05 Feb 2001 13:06:12 -0700, "Hilarie Orman" <HORMAN@novell.com> said:

Hilarie> The AES requirements have more to do with cryptanalysis than
Hilarie> brute force key search.  The real enemy of 128 bits is
Hilarie> quantum computers*.

Right, if an attack is found that reduces your effective bit size to
half of its original, I can only hope that you're using a 256 bit key
to begin with (and one with 256 bits of entropy).

-- 
Wes Hardaker
NAI Labs
Network Associates

Follow-Ups:

Re: IKE entropy issues with long keys

From: Wes Hardaker <wes@hardakers.net>

Prev by Date: RE: IKE entropy issues with long keys
Next by Date: Re: IKE entropy issues with long keys
Prev by thread: Re: IKE entropy issues with long keys
Next by thread: Re: IKE entropy issues with long keys
Index(es):
- Main
- Thread