[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: I-D ACTION:draft-ietf-ipsec-ciph-sha-256-00.txt

To: Bart Preneel <Bart.Preneel@esat.kuleuven.ac.be>
Subject: Re: I-D ACTION:draft-ietf-ipsec-ciph-sha-256-00.txt
From: "Steven M. Bellovin" <smb@research.att.com>
Date: Wed, 12 Dec 2001 15:31:04 -0700
Cc: Paul Koning <pkoning@equallogic.com>, ipsec@lists.tislabs.com
Sender: owner-ipsec@lists.tislabs.com

In message <Pine.GHP.4.33.0112122244540.6259-100000@domein.esat.kuleuven.ac.be>
, Bart Preneel writes:

>
>For choosing MAC parameters, one has to take into account the
>lifetime during which the system will be used (rather than the
>lifetime of a single key).  I believe that 80-bit MACs are
>sufficient for 20 years or more. A MAC of 96 bits may be chosen
>for the alignment reasons mentioned above.  A MAC of 128 bits is
>fine but probably too conservative;  anything larger is certainly
>overkill and may even harm security in the long run.

What do you mean by "sufficient for 20 years or more"?  That that's how long 
you expect that it will be safe to use such MACs for new connections?
Obviously, a MAC only has to resist attack while it's still accepted, 
unlike a confidentiality key.

		--Steve Bellovin, http://www.research.att.com/~smb
		Full text of "Firewalls" book now at http://www.wilyhacker.com

Follow-Ups:

Re: I-D ACTION:draft-ietf-ipsec-ciph-sha-256-00.txt

From: Bart Preneel <Bart.Preneel@esat.kuleuven.ac.be>

Prev by Date: JFK, IKEv2 and ESPUDP
Next by Date: Re: JFK, IKEv2 and ESPUDP
Prev by thread: Re: I-D ACTION:draft-ietf-ipsec-ciph-sha-256-00.txt
Next by thread: Re: I-D ACTION:draft-ietf-ipsec-ciph-sha-256-00.txt
Index(es):
- Main
- Thread