[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Length of pre-shared key

To: <juha.ollila@nokia.com>, <ipsec@lists.tislabs.com>
Subject: RE: Length of pre-shared key
From: "Andrew Krywaniuk" <andrew.krywaniuk@alcatel.com>
Date: Mon, 25 Feb 2002 14:17:35 -0500
Importance: Normal
In-Reply-To: <B49318639A71D3418DC1005FD40B36100EB4B9@ouebe005.NOE.Nokia.com>
Reply-To: <andrew.krywaniuk@alcatel.com>
Sender: owner-ipsec@lists.tislabs.com

I don't think there is a specific limit. After all, HMAC tells you how to
stretch the input if it is less that the size of the hash output. But use
your common sense: the shorter the input, the easier it will be for a
cracking program to guess it. Also, it's the entropy in the password, not
the length, that matters.

Andrew
-------------------------------------------
There are no rules, only regulations. Luckily,
history has shown that with time, hard work,
and lots of love, anyone can be a technocrat.



> -----Original Message-----
> From: owner-ipsec@lists.tislabs.com
> [mailto:owner-ipsec@lists.tislabs.com]On Behalf Of
> juha.ollila@nokia.com
> Sent: Monday, February 25, 2002 9:41 AM
> To: ipsec@lists.tislabs.com
> Subject: Length of pre-shared key
>
>
> 	Hello!
>
> Have IPsec and IKE specifications any requirements about the
> pre-shared keys? I didn't find the required length of pre-shared key.
>
> Best Regards,
> Juha Ollila
>

Follow-Ups:
- RE: Length of pre-shared key
  - From: David Jablon <dpj@world.std.com>

References:
- Length of pre-shared key
  - From: juha.ollila@nokia.com

Prev by Date: RE: Phase 1 Lifetime and Lifedata
Next by Date: Re: NAT Traversal
Prev by thread: Re: Length of pre-shared key
Next by thread: RE: Length of pre-shared key
Index(es):
- Date
- Thread