1995-08-10 - Why DES in IPSEC ESP?

Header Data

From: Andy Brown <asb@nexor.co.uk>
To: cypherpunks@toad.com
Message Hash: 0aec98e9f2c2f4eaf64d3cffbdae40a903dab32d2bffeb58397af722deb4776b
Message ID: <Pine.SOL.3.91.950810133448.4480H-100000@eagle.nexor.co.uk>
Reply To: N/A
UTC Datetime: 1995-08-10 12:48:09 UTC
Raw Date: Thu, 10 Aug 95 05:48:09 PDT

Raw message

From: Andy Brown <asb@nexor.co.uk>
Date: Thu, 10 Aug 95 05:48:09 PDT
To: cypherpunks@toad.com
Subject: Why DES in IPSEC ESP?
Message-ID: <Pine.SOL.3.91.950810133448.4480H-100000@eagle.nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


I suppose this is really addressed at Perry:

Why was (single) DES chosen as the algorithm for the ESP part of IPSEC? 
If someone's IP traffic is being monitored and collected offline by some
agency then they're going to get about a couple of hours of security while
the special purpose key search hardware kicks into action.  I know other
algorithms can optionally be used, but surely it would have been better to
have a second, stronger algorithm specified mandatory as well. 


- Andy

+-------------------------------------------------------------------------+
| Andrew Brown  Internet <asb@nexor.co.uk>  Telephone +44 115 952 0585    |
| PGP (2048/9611055D): 69 AA EF 72 80 7A 63 3A  C0 1F 9F 66 64 02 4C 88   |
+-------------------------------------------------------------------------+






Thread