Ref.: Re: What is the standardization status of AES in IPSec?
I wonder what is the use of having symmetric algorithms with keys longer
than 128 bits. All the papers I read show that this is sufficient for
protecting data in the next 20 years ... And is data sent over the wires
worth being protected for 20 years?
As I see things, IPsec provides a kind of 'tactical' security: it protects
data during the time sufficient for making it irrelevant for an attacker.
If I send my credit card number on the Internet, the information is valid
for at most two years. If I send the price of a new range of products, it
is confidential while my products aren't for sale in a shop.
Consequently, if I had to design a fully-secure IPsec implementation, I
would focus on having good entropy in keys rather than the longest key
size possible. And I do agree with you that mandating "good" entropy isn't
a good idea: it would remove a way to fine-grain systems' security (i.e.
for export purpose).
Regards
--
Romain Berrendonner
From: Paul Koning <pkoning@equallogic.com>
Sent by: owner-ipsec@lists.tislabs.com
04/02/2002 20:18
To: jari.arkko@kolumbus.fi
cc: ipsec@lists.tislabs.com, (bcc: Romain BERRENDONNER/DRD/SAGEM)
Subject: Re: What is the standardization status of AES in IPSec?
>>>>> "Jari" == Jari Arkko <jari.arkko@kolumbus.fi> writes:
>> I'm curious as to how many people believe that a MUST for a
>> 128-bit AES key means a MUST for 128 bits of entropy in the key.
Jari> I don't. While I believe we should move to AES as soon as
Jari> possible, I don't necessarily believe in the statement that all
Jari> components of the protocol set must be equally strong; you
Jari> should be able to take advantage of a new good algorithm even
Jari> if you can't for e.g. computational reasons increase
Jari> Diffie-Hellman key lengths quite as much.
Jari> Thus, I believe we should standardize groups matching AES
Jari> strength, but not make them mandatory. And we need to explain
Jari> the strength issues somewhere.
Agreed 100%. Make sure the option is there -- don't mandate it.
paul