Re: DES <weak> key list?

Dave Mason <dmason@tis.com> Wed, 10 September 1997 19:33 UTC

Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id PAA08170 for ipsec-outgoing; Wed, 10 Sep 1997 15:33:57 -0400 (EDT)
Date: Wed, 10 Sep 1997 15:42:27 -0400
From: Dave Mason <dmason@tis.com>
Message-Id: <199709101942.PAA23228@rubicon.rv.tis.com>
To: ipsec@tis.com
Subject: Re: DES <weak> key list?
Sender: owner-ipsec@ex.tis.com
Precedence: bulk

>It's my impression that Bruce Schneier has the same opinion.  I suggest we
>pull the text from all three places.

I also vote to skip the weak key check.  If I'm not mistaken, if
we generate a new key every single minute, we'll only run into a
"weak/semiweak/possibly weak" key about once every billion years.

-dave