[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IKEv2 security consideration over-statement
>>>>> "PaulH" == Paul Hoffman </ VPNC <paul.hoffman@vpnc.org>> writes:
PaulH> The sentence "Diffie-Hellman group number two, when used with a
PaulH> strong random number generator and an exponent no less than 200
PaulH> bits, is sufficient for use with 3DES" is probably not
PaulH> true. Group 2 (1024 bits) is probably equivalent to about 80
PaulH> bits of symmetric strength, not 112. A better wording for this
PaulH> sentence is "Diffie-Hellman group number two, when used with a
PaulH> strong random number generator and an exponent no less than 200
PaulH> bits, is common for use with 3DES". That is, most VPN systems
PaulH> only need 80ish bits of symmetric strength.
Sounds reasonable. That suggests that a VPN application where this is
true might also find it sensible to use group 2 with AES, even though
in both cases the "net" security is somewhat less than the data cipher
keysize.
PaulH> The sentence "Groups three through five provide greater
PaulH> security" is misleading....
PaulH> It is better to change this to simply say "Group
PaulH> five provides greater security than group two."
Yes, I agree that that's a necessary change.
paul