[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: What is the standardization status of AES in IPSec?
>>>>> "Jari" == Jari Arkko <jari.arkko@kolumbus.fi> writes:
>> I'm curious as to how many people believe that a MUST for a
>> 128-bit AES key means a MUST for 128 bits of entropy in the key.
Jari> I don't. While I believe we should move to AES as soon as
Jari> possible, I don't necessarily believe in the statement that all
Jari> components of the protocol set must be equally strong; you
Jari> should be able to take advantage of a new good algorithm even
Jari> if you can't for e.g. computational reasons increase
Jari> Diffie-Hellman key lengths quite as much.
Jari> Thus, I believe we should standardize groups matching AES
Jari> strength, but not make them mandatory. And we need to explain
Jari> the strength issues somewhere.
Agreed 100%. Make sure the option is there -- don't mandate it.
paul