Slicing and dicing
Karl Fox <karl@Ascend.COM> Tue, 09 September 1997 18:02 UTC
Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id OAA28830 for ipsec-outgoing; Tue, 9 Sep 1997 14:02:49 -0400 (EDT)
Date: Tue, 09 Sep 1997 11:11:29 -0700
Message-Id: <199709091811.LAA20489@gump.eng.ascend.com>
From: Karl Fox <karl@Ascend.COM>
To: Rodney Thayer <rodney@sabletech.com>
Cc: ipsec@tis.com
Subject: Slicing and dicing
In-Reply-To: <3.0.3.32.19970909115849.0070d248@pop3.pn.com>
References: <3.0.3.32.19970909115849.0070d248@pop3.pn.com>
Reply-To: Karl Fox <karl@Ascend.COM>
Organization: Ascend Communications
Sender: owner-ipsec@ex.tis.com
Precedence: bulk
Rodney Thayer writes: > I believe that during the most recent round of draft writing we discovered > that several people were discussing and/or documenting DES Weak keys. I > suspect we failed to resolve that. I think the simples resolution I heard > was to suggest that in the future all documents point at Schneier's book > for the weak and semi-weak key list. I'd prefer that the list be included in the document (preferably in a *single* document), partly because the table of possibly-weak keys in my copy of Schneier's book (2nd edition, 1st printing) contains an error. The tables in draft-ietf-ipsec-ciph-des-derived-00.txt and draft-ietf-ipsec-ciph-des-expiv-00.txt are right. I don't know if Schneier's book has been corrected in later printings (if there are any). I've reported the error to him twice with only an automated errata list (not containing the table error) as reply, but it may be fixed now--others I've spoken to have found it, too. > >Date: Mon, 8 Sep 1997 15:04:45 -0700 > >From: Karl Fox <karl@Ascend.COM> > >To: ipsec@tis.com > >Subject: Slicing and dicing > >Reply-To: Karl Fox <karl@Ascend.COM> > >Organization: Ascend Communications > >Sender: owner-anx-sec@dot.netrex.net > >Reply-To: anx-sec@dot.netrex.net > > > >While I'm on the subject of key material derivation, > >draft-ietf-ipsec-ciph-des-expiv-00.txt talks about comparisons with > >possibly-weak keys, while isakmp-oakley-04 only mentions weak and > >semi-weak keys. They should be consistent. Even better, they should > >both point to a single place where an appropriate technique is > >described. > > > >Also, draft-ietf-ipsec-ciph-des-expiv-00.txt says that > > > > [some document] describes the general mechanism to derive keying > > material for the ESP transform. The derivation of the key from some > > amount of keying material does not differ between the manually- and > > automatically-keyed security associations. > > > >Does anybody know when this document will be available? What else > >should we use to find out what to use for the ANX testing, the > >reference implementation? > > > >Is that what everybody else does? > >-- > >Karl Fox, servant of God, employee of Ascend Communications > >655 Metro Place South, Suite 370, Dublin, Ohio 43017 +1 614 760 4041 > > > > > > -- Karl Fox, servant of God, employee of Ascend Communications 655 Metro Place South, Suite 370, Dublin, Ohio 43017 +1 614 760 4041
- Slicing and dicing Rodney Thayer
- Slicing and dicing Karl Fox
- Re: Slicing and dicing Dave Mason
- Re: Slicing and dicing Phil Karn
- Re: Slicing and dicing Karl Fox
- Re: Slicing and dicing Theodore Y. Ts'o
- Re: Slicing and dicing Jim Gillogly
- Re: Slicing and dicing Cheryl Madson
- Re: Slicing and dicing Michael C. Richardson
- Re: Slicing and dicing Dan McDonald
- Re: Slicing and dicing Cheryl Madson
- Weak DES keys Michael C. Richardson
- Re: Slicing and dicing Karl Fox
- Weak DES keys Karl Fox
- Re: Slicing and dicing Stephen Kent
- Re: Slicing and dicing Theodore Y. Ts'o
- Re: Slicing and dicing Daniel Harkins
- Re: Slicing and dicing Ran Atkinson