[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IKE entropy issues with long keys
>>>>> On Mon, 5 Feb 2001 20:18:43 -0500, "Andrew Krywaniuk" <andrew.krywaniuk@alcatel.com> said:
Andrew> I don't agree with the example you brought up about using PFS
Andrew> to generate extra uncorrelated key bits. The fact that the key
Andrew> bits come out of a PRF should mean that they are sufficiently
Andrew> uncorrelated. The real reason for rekeying is to minimize the
Andrew> impact of a compromise, not to make the compromise less
Andrew> likely.
I'm not sure to which example you're referring, but thats ok...
Andrew> I (and others) have actually suggested before that we need an
Andrew> RFC which documents the implicit security properties of
Andrew> IKE.
Thats probably a really good idea.
--
Wes Hardaker
NAI Labs
Network Associates
References: