[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Editorial: Use of MAY in draft-ietf-ipsec-ikev2-algorithms
Paul Hoffman / VPNC <paul.hoffman@vpnc.org> writes:
> At 10:22 AM -0400 6/12/03, Paul Koning wrote:
> >96 is probably enough but it's not a common keysize, so 128 makes
> >sense.
>
> But only if you want to eliminate TripleDES, whose key size is 112
> bits. No one counts the parity bits as meaningful.
As I understand RFC 2451, the 3DES we uses is 3-key 3DES in
EDE mode, so the effective key size should be 168 bits.
-Ekr
--
[Eric Rescorla ekr@rtfm.com]
http://www.rtfm.com/