How will we specify AES key lengths?
At 11:27 AM +0200 5/18/03, Yoav Nir wrote:
>Sorry I didn't ask about this earlier. With some vendors already offering
>AES with larger keys (192- and 256-bit), why aren't there numbers assigned
>for these transforms (section 2.1)?
Thank you for highlighting a problem that the WG doesn't seem to have
noticed before now. The WG needs to decide how to specify the key
length for AES. We now have WG documents that do this in two
different ways: with the Key Length attribute in IKEv1 and IKEv2, or
with a different identifier for each of the three key lengths.
draft-ietf-ipsec-ciph-aes-cbc-05.txt for AES in CBC mode says:
5.3 Key Length Attribute
Since the AES allows variable key lengths, the Key Length attribute
MUST be specified in both a Phase 1 exchange [IKE] and a Phase 2
exchange [DOI].
draft-ietf-ipsec-ciph-aes-ctr-03.txt for AES in CTR mode says:
9. IANA Considerations
IANA has assigned three ESP transform numbers for use with AES-CTR
with an explicit IV, one for each AES key size:
<TBD1> for AES-CTR with a 128 bit key;
<TBD2> for AES-CTR with a 192 bit key; and
<TBD3> for AES-CTR with a 256 bit key.
I propose that the WG standardize on one method. Given that there are
a fair number of deployed implementations of
draft-ietf-ipsec-ciph-aes-cbc but few or none of
draft-ietf-ipsec-ciph-aes-ctr, it seems like
draft-ietf-ipsec-ciph-aes-ctr should be changed to use the method
that has already been deployed.
Thoughts?
--Paul Hoffman, Director
--VPN Consortium
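As an added illustration that is not part of this thread or of either draft, the following Python contrasts the two methods above: a Key Length attribute carried alongside one AES transform ID, versus one transform ID per key size. It assumes ESP_AES = 12 (RFC 3602) and the Phase 1 / IKEv2 Key Length attribute type 14 (RFC 2409); the AES-CTR transform numbers are constructed placeholders because the draft still says <TBDn>.

```python
# Added example, not from the mailing-list thread or the cited drafts.
import struct

KEY_LENGTH_ATTR = 14   # Key Length attribute type in IKE Phase 1 and IKEv2 (RFC 2409);
                       # the IPsec DOI uses type 6 for the same attribute in Phase 2
AF_BIT = 0x8000        # attribute format bit: 1 = fixed 16-bit value (TV), 0 = TLV

ENCR_AES_CBC = 12      # ESP_AES (RFC 3602): one ID, key length comes from the attribute
# Constructed placeholders standing in for <TBD1>..<TBD3> of the AES-CTR draft
AES_CTR_IDS = {0xF1: 128, 0xF2: 192, 0xF3: 256}

def encode_key_length_attr(bits):
    """Method 1: build a Key Length TV attribute (AF=1, type 14, 16-bit value)."""
    if bits not in (128, 192, 256):
        raise ValueError("AES key length must be 128, 192 or 256 bits")
    return struct.pack("!HH", AF_BIT | KEY_LENGTH_ATTR, bits)

def decode_attrs(data):
    """Parse a run of IKE attributes into {type: value}, handling TV and TLV."""
    attrs, i = {}, 0
    while i + 4 <= len(data):
        typ, val = struct.unpack_from("!HH", data, i)
        if typ & AF_BIT:                      # TV: the 16 bits are the value
            attrs[typ & ~AF_BIT] = val
            i += 4
        else:                                 # TLV: the 16 bits are a length
            attrs[typ & ~AF_BIT] = data[i + 4:i + 4 + val]
            i += 4 + val
    return attrs

def resolve_key_bits(transform_id, attr_bytes):
    """Return the AES key length a proposal actually selects, or None if it
    is missing, invalid, or contradicts the transform ID."""
    attrs = decode_attrs(attr_bytes)
    if transform_id == ENCR_AES_CBC:
        # Method 1: the attribute is mandatory and is the only source of the length
        bits = attrs.get(KEY_LENGTH_ATTR)
        return bits if bits in (128, 192, 256) else None
    if transform_id in AES_CTR_IDS:
        # Method 2: the ID alone fixes the length; a conflicting attribute is rejected
        bits = AES_CTR_IDS[transform_id]
        if KEY_LENGTH_ATTR in attrs and attrs[KEY_LENGTH_ATTR] != bits:
            return None
        return bits
    return None
```

A responder that implements only one of the two methods will silently get the wrong answer for a proposal written the other way, which is the interoperability cost the message is pointing at.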