[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IKE entropy issues with long keys

To: "Hilarie Orman" <HORMAN@novell.com>
Subject: Re: IKE entropy issues with long keys
From: Wes Hardaker <wes@hardakers.net>
Date: 05 Feb 2001 21:35:55 -0800
Cc: <wes@hardakers.net>, <ipsec@lists.tislabs.com>
In-Reply-To: <sa7ef1fb.013@prv-mail20.provo.novell.com>
Organization: Network Associates - NAI Labs
References: <sa7ef1fb.013@prv-mail20.provo.novell.com>
Sender: owner-ipsec@lists.tislabs.com
User-Agent: Gnus/5.0808 (Gnus v5.8.8) XEmacs/21.2 (Notus)

>>>>> On Mon, 05 Feb 2001 18:33:25 -0700, "Hilarie Orman" <HORMAN@novell.com> said:

Hilarie> Beyond that, I think you are trying to conflate two
Hilarie> independent issues.  Cryptanalysis can lead to ways to attack
Hilarie> a cipher that are less effort than brute force key search,
Hilarie> but this doesn't mean that it is necessary to add more
Hilarie> entropy to the key.

You're assuming that you could never tie a cryptanalysis attack
together with an attack on the entropy of the key itself.  Currently
there aren't known attacks that can take, for example, an attack
against an algorithm using a statistical analysis that is strengthend
by a simultaneous attack against the lack of entropy in the keys.  But
I'm sure that something like that could never ever happen and we're
safe and shouldn't need to worry about it, right?

Anyway, this discussion has turned far away from my original point,
that the issue should at least be mentioned somewhere lest people get
the wrong assumption about the algorithms they've selected.
-- 
Wes Hardaker
NAI Labs
Network Associates

References:

Re: IKE entropy issues with long keys

From: "Hilarie Orman" <HORMAN@novell.com>

Prev by Date: Re: IKE entropy issues with long keys
Next by Date: RE: IKE entropy issues with long keys
Prev by thread: Re: IKE entropy issues with long keys
Next by thread: RE: IKE entropy issues with long keys
Index(es):
- Main
- Thread