Re: des-cbc cipher

[sjl%ssh.com@localhost (Sami J. Lehtinen)]

markus%openbsd.org@localhost (Markus Friedl) writes:
> adding "des-cbc" to the spec does not unbreak these implementations,
> it does not make them "compliant".
> 
> not adding "des-cbc" does not change them to "non-compliant", since
> they have not been "compliant" before.  if some old implementations use
> "des-cbc", well, good luck, they might interoperate. adding "des-cbc"
> will not change their implemenation.

How would the implementations be non-compliant, if des-cbc was added?

The text would probably be something like:

The "des-cbc" cipher is DES (Data Encryption Standard) in CBC mode,
with 56 bit keys. The key is represented as 64 bits, with the least
significant bit of every byte used as parity [SCHNEIER]. This is a
block cipher with 8 byte blocks. Note: this algorithm is considered
INSECURE because of small key size.

I really don't have a strong opinion about this; if it were only up to
me, the cipher would be removed from our implementation. But if it
gets added to the spec, our implementation would be conformant in this
respect without me adding compatibility code :)

-- 
[sjl%ssh.com@localhost          --  Sami J. Lehtinen  --           sjl%iki.fi@localhost]
[work:+358 20 5007425][gsm:+358 40 864 3001][http://www.iki.fi/~sjl]
[SSH Communications Security Corp               http://www.ssh.com/]