[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Editorial: Use of MAY in draft-ietf-ipsec-ikev2-algorithms

Paul Hoffman / VPNC <paul.hoffman@vpnc.org> writes:

> At 10:22 AM -0400 6/12/03, Paul Koning wrote:
> >96 is probably enough but it's not a common keysize, so 128 makes
> >sense.
> But only if you want to eliminate TripleDES, whose key size is 112
> bits. No one counts the parity bits as meaningful.
As I understand RFC 2451, the 3DES we uses is 3-key 3DES in
EDE mode, so the effective key size should be 168 bits.


[Eric Rescorla                                   ekr@rtfm.com]