[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: (KAME-snap 5215) ESP Encryption Key
On Mon, Aug 06, 2001 at 03:52:48PM +0900, Shoichi Sakane wrote:
> > I have a question related to esp encryption key ,
> > I am using 3des so I set my keys as
> > case 1:
> > { 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
> > 0x02,0x02,0x02,0x02,0x02,0x02,0x02,0x02,
> > 0x03,0x03,0x03,0x03,0x03,0x03,0x03,0x03}
> > Here problem is this If I use the keys as
> > case 2:
> > { 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
> > 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
> > 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01}
> > the encrypted results are same in case 1 and case 2. Can any one tell why it is
> > same even I am using different keys ?
I found a bug and provided a fix, in OpenBSD, at least two years ago,
which looked exactly like this. The problem was in the userspace manual
keying utility. I assume it was fixed long ago.
> i'm not sure what the platform you are using.
> at least, these key cannot be installed into the kernel based kame stack.
> kame stack says "esp_cbc_mature 3des-cbc: weak key was passed",
slainte mhath, RGB
...just back from the American Solar Challenge <formulasun.org/asc>, a
cross-continental solar vehicle competition on historic Route 66. Now
in Europe for 3 weeks..., presently at IETF.
--
Richard Guy Briggs -- PGP key available Auto-Free Ottawa! Canada
<www.conscoop.ottawa.on.ca/rgb/> <www.flora.org/afo/>
Prevent Internet Wiretapping! -- FreeS/WAN:<www.freeswan.org>
Thanks for voting Green! -- <green.ca> Marillion:<www.marillion.co.uk>
References: