RE: WG LAST CALL: draft-ietf-ipsec-ike-modp-groups-04.txt
Tero Kivinen <kivinen@ssh.fi> Thu, 23 May 2002 21:30 UTC
Received: from lists.tislabs.com (portal.gw.tislabs.com [192.94.214.101]) by above.proper.com (8.11.6/8.11.3) with ESMTP id g4NLU9L15159; Thu, 23 May 2002 14:30:09 -0700 (PDT)
Received: by lists.tislabs.com (8.9.1/8.9.1) id QAA25989 Thu, 23 May 2002 16:50:17 -0400 (EDT)
X-Authentication-Warning: ryijy.hel.fi.ssh.com: kivinen set sender to <kivinen@ssh.fi> using -f
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-ID: <15597.22768.322645.225267@ryijy.hel.fi.ssh.com>
Date: Fri, 24 May 2002 00:02:40 +0300
From: Tero Kivinen <kivinen@ssh.fi>
To: Mark Winstead <Mark.Winstead@NetOctave.com>
Cc: 'Theodore Ts'o' <tytso@mit.edu>, ipsec@lists.tislabs.com, byfraser@cisco.com
Subject: RE: WG LAST CALL: draft-ietf-ipsec-ike-modp-groups-04.txt
In-Reply-To: <49B96FCC784BC54F9675A6B558C3464E5D0E67@MAIL.NetOctave.com>
References: <49B96FCC784BC54F9675A6B558C3464E5D0E67@MAIL.NetOctave.com>
X-Mailer: VM 6.89 under Emacs 20.7.1
Organization: SSH Communications Security Oy
X-Edit-Time: 13 min
X-Total-Time: 32 min
Sender: owner-ipsec@lists.tislabs.com
Precedence: bulk
Mark Winstead writes: > Since the document itself quotes sources that cite that for 256 bit keys > (like used by AES-256) require for full strength groups in the magnitude of > 15400 bits, shouldn't it include a group larger than 8192 bits? Generating them using the current hardware resources takes too long time. We need faster cpu's before we can generate them, but fortunately we need also faster machines to use them too. When we have cpu's available that can and will use them then we hopefully have also cpu time to generate them. We tried to calculate the 16386 bit group for couple of few weeks but with no luck. The calculation of the 8192 bit group took 13 days on a one machine, but for the 16386 bit group each step requires about 8 times more time, and the estimated value how far it needs to go until it finds one also goes up by factor of 2-4 or so. This means that calculating it on one machine would take several months or years. Also proving it to actually being a prime would take about same time... Calculating 12288 bit group should be possible in few months even with one machine. If you have 50 or so spare machines with modern cpu and nothing to do, then we can try to generate bigger groups, I can provide the software to run. We can always issue new rfc when those groups are actually generated, there is no point of waiting them now. -- kivinen@ssh.fi SSH Communications Security http://www.ssh.fi/ SSH IPSEC Toolkit http://www.ssh.fi/ipsec/
- WG LAST CALL: draft-ietf-ipsec-ike-modp-groups-04… Theodore Ts'o
- RE: WG LAST CALL: draft-ietf-ipsec-ike-modp-group… Mark Winstead
- RE: WG LAST CALL: draft-ietf-ipsec-ike-modp-group… Tero Kivinen
- RE: WG LAST CALL: draft-ietf-ipsec-ike-modp-group… Hilarie Orman, Purple Streak Development