List:       ipsec
Subject:    Re: AES with SHA-2
From:       joern () dfintra ! f-secure ! com
Date:       2001-09-25 21:16:59

At 15:15 25.09.2001 -0400, you wrote:

 >Hi all,
 >
 >I wonder what the consensus is on using SHA-2 with AES for
 >ESP. Are you all implementing such a transform? Do you plan to?
 >
 >Thanks!
 >
 >Josh Shaul

No, we're not. What's the point of using sha-2 in ESP anyway?
We are using a truncated (96 bits) output of sha-1 or md5 today.
Using sha-2-96 would be utterly pointless, because the only
advantage of sha-2 over sha-1 is the longer output.

Before you plan anything, you should wonder how many bits you want.
More than 96 bits, apparently. But how much more? Then, wouldn't
sha-1-128 or sha-1-160 be enough for you?

I'm happy with 96 bits.....

Jörn Sierwald
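
The 96-bit truncation discussed in this message, as an added example that is not part of the original post: it computes an ESP-style integrity check value by keeping the leftmost 96 bits of an HMAC and verifies it at a fixed negotiated length. The function names, key and packet bytes are constructed for illustration.

```python
import hashlib
import hmac

ICV_BITS = 96  # truncation length the message refers to


def esp_icv(hash_name: str, key: bytes, data: bytes, bits: int = ICV_BITS) -> bytes:
    """Compute the full HMAC, then keep only the leftmost `bits` bits."""
    if bits <= 0 or bits % 8:
        raise ValueError("ICV length must be a positive whole number of bytes")
    full = hmac.new(key, data, hash_name).digest()
    if bits > len(full) * 8:
        raise ValueError(f"{hash_name} cannot supply {bits} bits")
    return full[: bits // 8]


def verify_icv(hash_name: str, key: bytes, data: bytes,
               received: bytes, bits: int = ICV_BITS) -> bool:
    """Receiver side: only the negotiated length is accepted, compared in constant time."""
    if len(received) * 8 != bits:
        return False  # a shorter or longer tag is never accepted
    return hmac.compare_digest(esp_icv(hash_name, key, data, bits), received)


def wire_sizes(key: bytes, data: bytes) -> dict:
    """Map hash name -> (full digest bits, bits sent on the wire after truncation)."""
    return {
        name: (hashlib.new(name).digest_size * 8, len(esp_icv(name, key, data)) * 8)
        for name in ("md5", "sha1", "sha256")
    }


if __name__ == "__main__":
    key = bytes(range(20))                          # constructed sample key
    packet = b"constructed ESP header + ciphertext"  # constructed sample data
    for name, (full, sent) in wire_sizes(key, packet).items():
        print(f"{name:7s} digest={full:3d} bits  ICV on the wire={sent} bits")
    tag = esp_icv("sha1", key, packet)
    print("valid tag accepted:  ", verify_icv("sha1", key, packet, tag))
    print("tampered data passes:", verify_icv("sha1", key, packet + b"x", tag))
```
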
