[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: draft-ietf-ipsec-ikev2-06.txt
>>>>> "Andrew" == Andrew Krywaniuk <askrywan@hotmail.com> writes:
Andrew> As Paul discussed, the MUST clauses can only refer to things
Andrew> that affect compliance. Therefore, it sounds to me like the
Andrew> only MUST we need is the following:
Andrew> "Implementations that provide an interface for the user to
Andrew> enter a purely alphanumeric shared secret (i.e. a password),
Andrew> must allow that value to be a minimum of 64 bytes(*) long."
That sounds like a fine requirement.
Andrew> Then there can be the usual warning about poorly-chosen
Andrew> passwords elsewhere.
Right.
Andrew> (*) Alphanumeric characters comprise 1/4th of the available
Andrew> 256 bits. Therefore, for 128 bits of key strength, you need a
Andrew> minimum of 64 bytes.
I think there's a glitch in your arithmetic.
If the password is just alphanumeric, that gives 62 possible
characters, so just about 6 bits per character. So for 128 bits of
key strength you need at least 12 characters.
If you assume that a halfway reasonable passphrase has 2 bits of
entropy per character, then you do arrive at the minimum of 64
characters.
I would suggest not putting that footnote into the spec; simply state
the requirement, which is a perfectly sensible one.
paul