Re: additional core draft nits in need of WG attention.

To: ietf-ssh%NetBSD.org@localhost
Subject: Re: additional core draft nits in need of WG attention.
From: Derek Fawcus <dfawcus%cisco.com@localhost>
Date: Mon, 10 Nov 2003 12:49:13 +0000

On Mon, Nov 10, 2003 at 02:12:10AM -0500, Bill Sommerfeld wrote:
> 
> > >6.  Section 4.3, second paragraph. The document says: "...effective key
> > >length of 128 bits or more". Yet, Triple-DES is the REQUIRED algorithm,
> > >and it does not meet this goal.  Suggestion: "...effective key length of
> > >96 bits or more".
> 
> so, this is a "how do we count the bits" issue.  three-key triple-des
> is under some circumstances vulnerable to a particular attack which
> takes 2^112 time and 2^112 storage.  It is not clear to me whether
> this particular attack is possible against 3des as used by SSH.
> 
> Do we:
> 	- Lower the recommended limit?  (to what? 96 bits? 112 bits?)
> 	- Explicitly grandfather triple-des?
> 	- Make AES REQUIRED?

Well my view would be to make AES required,  and 3des recommended or optional.

However I guess there may be some implementors who'd disagree.

Is there any current implementation that _doesn't_ now do AES?

DF

References:
- additional core draft nits in need of WG attention.
  - From: Bill Sommerfeld

Prev by Date: Re: additional core draft nits in need of WG attention.
Next by Date: Re: additional core draft nits in need of WG attention.
Previous by Thread: Re: additional core draft nits in need of WG attention.
Next by Thread: Re: additional core draft nits in need of WG attention.
Indexes:

Home | Main Index | Thread Index | Old Index