
RE: [Cfrg] Re: [saag] Algorithm upgrades



At 05:09 PM 11/1/2004 -0800, Hallam-Baker, Phillip wrote:
>1. _New_ protocols that are being designed should include the ability to
>negotiate algorithms. This is just good hygiene. If this is not
>formalized, it should be.

I strongly disagree. History has shown that negotiation mechanisms can lead
to worse security problems than they are meant to address. The IETF has
certainly shown an exceptional ability to overcomplicate them.

I agree with Phillip (sorry David McGrew). It is bad enough to deal with keying
materials for one type of algorithm (say a cipher like AES), without having
to deal with all the headaches of dealing with two or more known algorithms
plus an unknown number of future algorithms. Based on my own experience
plus witnessing other designs (like IPSec and ATM), when it comes to security
systems (or secure networks), simpler really is much better.


I think that the age of dealing with multiple ciphers is drawing to a close. Unless
I'm greatly mistaken, AES should be sufficient for just about anything, probably
for the next 50 years. One could put a flag in for the encryption algorithm just
in case an upgrade is needed in 2054.


However, the same probably can't yet be said of hashes.

- Alex


--

Alex Alten
alten at ATTBI.com


_______________________________________________ Cfrg mailing list Cfrg at ietf.org https://www1.ietf.org/mailman/listinfo/cfrg