Re: [TLS] Comparative cipher suite strengths

To: Bill Frantz <frantz at pwpconsult.com>
Subject: Re: [TLS] Comparative cipher suite strengths
From: "Steven M. Bellovin" <smb at cs.columbia.edu>
Date: Wed, 6 May 2009 22:27:07 -0400
Cc: tls at ietf.org
Delivered-to: tls at core3.amsl.com
In-reply-to: <r02010500-1049-4DA06D4F35F311DE824F0030658F0F64 at [192.168.1.5]>
List-archive: <http://www.ietf.org/mail-archive/web/tls>
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
Organization: Columbia University
References: <20090423185550.GW1500 at Sun.COM> <r02010500-1049-4DA06D4F35F311DE824F0030658F0F64 at [192.168.1.5]>

On Thu, 30 Apr 2009 18:56:35 -0700
Bill Frantz <frantz at pwpconsult.com> wrote:

> When I think of the reasons that NSA/DOD could have for requiring
> AES-128 for secret and AES-192 for top secret, I think they may be
> looking at the whole cryptographic system. While symmetric cyphers
> have some solid math behind them, other parts of the system, such as
> generating random numbers for the keys are frequently more akin to
> black magic.
> 
From http://catless.ncl.ac.uk/Risks/15.48.html#subj1

	The unit key is generated via Skipjack itself, from random
	seeds provided by the two escrow agencies (approximately
	monthly, though that isn't certain yet).  They say they prefer
	a software generation process because its correct behavior is
	auditable.

In other words, the NSA understands that keys should not be generated
by a random process.

		--Steve Bellovin, http://www.cs.columbia.edu/~smb

References:
- Re: [TLS] Comparative cipher suite strengths
  - From: Nicolas Williams
- Re: [TLS] Comparative cipher suite strengths
  - From: Bill Frantz

Prev by Date: Re: [TLS] Comparative cipher suite strengths
Next by Date: [TLS] IPR Disclosure from Certicom
Previous by thread: Re: [TLS] Comparative cipher suite strengths
Next by thread: Re: [TLS] Comparative cipher suite strengths
Index(es):
- Date
- Thread

Re: [TLS] Comparative cipher suite strengths

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.