Slicing and dicing

Karl Fox <karl@Ascend.COM> Mon, 08 September 1997 20:55 UTC

Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id QAA21165 for ipsec-outgoing; Mon, 8 Sep 1997 16:55:35 -0400 (EDT)
Date: Mon, 08 Sep 1997 14:04:31 -0700
Message-Id: <199709082104.OAA15064@gump.eng.ascend.com>
From: Karl Fox <karl@Ascend.COM>
To: ipsec@tis.com
Subject: Slicing and dicing
Reply-To: Karl Fox <karl@Ascend.COM>
Organization: Ascend Communications
Sender: owner-ipsec@ex.tis.com
Precedence: bulk

Appendix B of draft -04 of the resolution document says

   The key for DES-CBC is derived from the first eight (8) non-weak and
   non-semi-weak (see Appendix A) bytes of SKEYID_e.

If the bytes 1-8 are a weak or semi-weak key, do we then go on to
bytes 2-9 (I hope not!) or bytes 9-16?

The same appendix later says

   The key for 3DES-CBC is the first twenty-four (24) bytes of a key
   derived in the aforementioned pseudo-random function feedback method.
   3DES-CBC is an encrypt-decrypt-encrypt operation using the first,
   middle, and last eight (8) bytes of the entire 3DES-CBC key.

This means that no weak key test may be done for 3DES-CBC.  Was this
the intent?
-- 
Karl Fox, servant of God, employee of Ascend Communications
655 Metro Place South, Suite 370, Dublin, Ohio  43017   +1 614 760 4041