1995-08-10 - Re: Why DES in IPSEC ESP?

Header Data

From: Marc Horowitz <marc@cam.ov.com>
To: cypherpunks@toad.com
Message Hash: db2bbbc3cca3dd40a735982a90b1d37efb02ec31f01f753b9f234057ebd0f59a
Message ID: <199508101611.MAA03223@dun-dun-noodles.cam.ov.com>
Reply To: N/A
UTC Datetime: 1995-08-10 16:10:56 UTC
Raw Date: Thu, 10 Aug 95 09:10:56 PDT

Raw message

From: Marc Horowitz <marc@cam.ov.com>
Date: Thu, 10 Aug 95 09:10:56 PDT
To: cypherpunks@toad.com
Subject: Re: Why DES in IPSEC ESP?
Message-ID: <199508101611.MAA03223@dun-dun-noodles.cam.ov.com>
MIME-Version: 1.0
Content-Type: text/plain


>> | Why was (single) DES chosen as the algorithm for the ESP part of IPSEC? 

Because people were going completely nuts about mandating something
not easily specifiable at all.  DES was an easier case to make than
3DES.

>> 	So, in order to ship sooner rather than later, DES was chosen.
>> 3DES will probably be available soon afterwards.

Shipping is irrelevant.  Perry is busily coding 3DES support into
NetBSD.  Once it's in the bsd network stack, it will spread
everywhere.  Presumably, someone will implement it outside the US as
well.

As Perry put it succinctly at a recent IETF meeting, people will not
necessarily use what is mandated.  They will use what is available.
If 3DES is in the freely available reference implementation (which it
will be), and it performs adequately, that is what will get used.

		Marc





Thread