[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: speaking of keys

To: IP Security List <ipsec@lists.tislabs.com>
Subject: Re: speaking of keys
From: Henry Spencer <henry@spsystems.net>
Date: Fri, 13 Dec 2002 19:03:36 -0500 (EST)
In-Reply-To: <p05200f71ba1fe075151c@[165.227.249.18]>
Sender: owner-ipsec@lists.tislabs.com

On Fri, 13 Dec 2002, Paul Hoffman / VPNC wrote:
> This would also show that we aren't very good at math. If we allow 
> encryption mechanisms with keys of less than about 80 bits, we have 
> to allow public keys that match those smaller sizes.

(a) We shouldn't allow encryption mechanisms with such grossly inadequate
  key lengths.

(b) There is nothing wrong with getting more bits than you need, except
  possibly some extra cycles used to generate them.  There are people
  who are probably too cycle-poor to use 1024-bit public keys, but I see
  no indication that there are enough of them to be worth compromising
  our standard for.

                                                          Henry Spencer
                                                       henry@spsystems.net

References:
- Re: speaking of keys
  - From: Paul Hoffman / VPNC <paul.hoffman@vpnc.org>

Prev by Date: Re: speaking of keys
Next by Date: RE: speaking of keys
Prev by thread: Re: speaking of keys
Next by thread: Fwd: Processing of ESP packet
Index(es):
- Date
- Thread