Re: 112 bit 3DES

Henry Spencer <henry@spsystems.net> Thu, 29 April 1999 01:21 UTC

Received: from lists.tislabs.com (portal.gw.tislabs.com [192.94.214.101]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id SAA01731; Wed, 28 Apr 1999 18:21:58 -0700 (PDT)
Received: by lists.tislabs.com (8.9.1/8.9.1) id SAA05650 Wed, 28 Apr 1999 18:14:35 -0400 (EDT)
Date: Wed, 28 Apr 1999 18:22:04 -0400
From: Henry Spencer <henry@spsystems.net>
To: "Volpe, Victor" <vvolpe@altiga.com>
cc: IP Security List <ipsec@lists.tislabs.com>
Subject: Re: 112 bit 3DES
In-Reply-To: <A0550295565ED211A13B00A0C9A7918906A3CA@mail.altiga.com>
Message-ID: <Pine.BSI.3.91.990428181121.27146A-100000@spsystems.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
Sender: owner-ipsec@lists.tislabs.com
Precedence: bulk

On Wed, 28 Apr 1999, Volpe, Victor wrote:
> According to the 3DES draft "draft-ietf-ipsec-ciph-des3-00.txt", 112 bit
> 3DES must not be negotiated via IKE and is therefore a non-compliant key
> length for 3DES.  Did I read this correctly?

Yes.  IPSEC (RFC 2451) 3DES does not have variable key length; a 3DES key
is 192 bits exactly, and no excuses (although 24 of those bits are parity
bits which do not participate in the cipher, making the real key length
168 bits).  Each of the three DES stages in it has a separate, distinct
key.  There is no provision for giving two of the stages identical keys.

"112 bit 3DES" has no particular advantage over real 3DES, and has some
known weaknesses (none of them looks like a practical attack route, last I
heard, but they make people nervous).

> What is the status of the draft?

RFC 2451 is currently at Proposed Standard status, I believe.  The draft
you refer to is long obsolete.

                                                          Henry Spencer
                                                       henry@spsystems.net
                                                     (henry@zoo.toronto.edu)
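As an added illustration of the key rule described in the reply above (example code written for this page, not taken from the post, RFC 2451 or any IPsec implementation): a checker that accepts only a 192-bit key whose three 64-bit DES subkeys are distinct, reports the effective key strength (56 bits per distinct subkey), and, following the DES convention of odd parity in the low bit of every key byte, flags bytes with bad parity. The function names are my own.

```python
# Added example, not from the mailing-list post or from any IPsec code base.
# Checks a 3DES key against the rule in the reply above: exactly 192 bits,
# three distinct DES subkeys.  Parity checking follows the DES convention
# (odd parity per byte, parity bit in the least significant bit).

KEY_BYTES = 24          # 192 bits on the wire, 24 of them parity
BITS_PER_SUBKEY = 56    # each 64-bit DES subkey carries 56 cipher bits


def _has_odd_parity(byte: int) -> bool:
    return bin(byte).count("1") % 2 == 1


def set_odd_parity(raw: bytes) -> bytes:
    """Force DES odd parity on every byte by adjusting its low bit."""
    out = bytearray()
    for b in raw:
        high = b & 0xFE
        out.append(high | (0 if _has_odd_parity(high) else 1))
    return bytes(out)


def check_3des_key(key: bytes) -> dict:
    """Report whether `key` is an acceptable IPsec 3DES key.

    Returns {"ok": bool, "effective_bits": int | None, "problems": [str]}.
    """
    problems = []
    if len(key) != KEY_BYTES:
        problems.append(f"key is {len(key) * 8} bits, must be exactly 192")
        return {"ok": False, "effective_bits": None, "problems": problems}

    bad_parity = [i for i, b in enumerate(key) if not _has_odd_parity(b)]
    if bad_parity:
        problems.append(f"bad parity in byte(s) {bad_parity}")

    k1, k2, k3 = key[0:8], key[8:16], key[16:24]
    distinct = len({k1, k2, k3})
    effective_bits = BITS_PER_SUBKEY * distinct   # 168, 112 or 56
    if distinct == 2:
        problems.append("two subkeys identical: '112-bit 3DES', not allowed")
    elif distinct == 1:
        problems.append("all subkeys identical: degenerates to single DES")

    return {"ok": not problems, "effective_bits": effective_bits,
            "problems": problems}


if __name__ == "__main__":
    # Constructed sample keys: a proper three-key value and a two-key (K1 == K3) one.
    three_key = set_odd_parity(bytes(range(1, 25)))
    two_key = set_odd_parity(bytes(range(1, 9)) * 2 + bytes(range(9, 17)))
    print(check_3des_key(three_key))
    print(check_3des_key(two_key))
```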