From owner-freebsd-security Fri Dec 22 23:22: 4 2000 From owner-freebsd-security@FreeBSD.ORG Fri Dec 22 23:22:02 2000 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mailhost01.reflexnet.net (mailhost01.reflexnet.net [64.6.192.82]) by hub.freebsd.org (Postfix) with ESMTP id 8A76037B400 for ; Fri, 22 Dec 2000 23:22:02 -0800 (PST) Received: from rfx-64-6-211-149.users.reflexcom.com ([64.6.211.149]) by mailhost01.reflexnet.net with Microsoft SMTPSVC(5.5.1877.197.19); Fri, 22 Dec 2000 23:20:18 -0800 Received: (from cjc@localhost) by rfx-64-6-211-149.users.reflexcom.com (8.11.0/8.11.0) id eBN7Ls115978; Fri, 22 Dec 2000 23:21:54 -0800 (PST) (envelope-from cjc) Date: Fri, 22 Dec 2000 23:21:54 -0800 From: "Crist J. Clark" To: Keith Ray Cc: freebsd-security@FreeBSD.ORG Subject: Re: IPSec + Racoon: pre-shared key length Message-ID: <20001222232154.I96105@149.211.6.64.reflexcom.com> Reply-To: cjclark@alum.mit.edu References: <977521215.3a43ca3fea068@nullify.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: <977521215.3a43ca3fea068@nullify.org>; from aphex@nullify.org on Fri, Dec 22, 2000 at 03:40:15PM -0600 Sender: cjc@rfx-64-6-211-149.users.reflexcom.com Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, Dec 22, 2000 at 03:40:15PM -0600, Keith Ray wrote: [snip] > 3DES uses 192-bit keys > for a keyspace of 2^192. I believe ESP uses 3DES with three independent keys (as opposed to the two key method) which is a keyspace of 168-bits... But there is an attack of three independent keys which reduces the effective keyspace to what one would naively expect for two independent keys. That's a whole 'nother story tho'. ;) -- Crist J. Clark cjclark@alum.mit.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message