
Re: Last ditch proposal for crypto suites



>>>>> "Henry" == Henry Spencer <henry@spsystems.net> writes:

 Henry> On Thu, 29 Aug 2002, Dan Harkins wrote:
 >> > Almost no one in their right mind would really mean that Phase
 >> > 1 be protected with DES and Phase 2 be protected with
 >> > TripleDES...
 >> 
 >> ...We're talking about two different proposals (whether it's
 >> suites or a la carte). One to protect the IKE traffic and another
 >> to protect the bulk data. Those two traffic flows are quite
 >> different and their security needs are different as well.

 Henry> Yes, but under what circumstances would that particular
 Henry> combination make sense?  If 3DES is fast enough to be used for
 Henry> bulk data, it is fast enough to be used for IKE traffic.
 Henry> Given that IKE traffic is such a tiny fraction of the normal
 Henry> traffic flow, there is just no sense in not using the best
 Henry> crypto algorithm you've got to protect it.

I agree.  The ability to specify separately what transforms you want
in phase 1 vs. phase 2 was always just a useless piece of extraneous
complexity in IKE V1.  When we implemented our IKE management (a few
jobs ago) we didn't allow for this; the phase 1 transforms were the
same as the phase 2 transforms.  Henry's argument is a good one, and
simplification of management is always valuable -- especially in
security systems.

	 paul