On 25/08/16 10:54, John Mattsson wrote:
> I think the recently published attack has more to do with bad
> implementations/specification than a newly discovered weakness in 3DES.
> That you should never encrypt anything near 2^32 blocks is well known (but
> I don’t know how well this is explained in NIST or IETF specifications, if
> at all).
>
> I am very supportive of everything speeding up the deprecation of weak

Just in case folks haven't considered it, the "d" in the name
of the IETF's curdle WG [1] stands for deprecation. Obviously
that has to be done with care and consideration, but there is
a generic venue where folks can propose that kind of thing.

Cheers,
S.

[1] https://tools.ietf.org/wg/curdle/

> algorithms and protocols, but then I think CFRG should make a broader
> approach and look at more candidates for general deprecation like SHA-1
> signatures, 1024-bit MODP, and 1024-bit RSA… I think all of these are far
> weaker than 3-key 3DES.
>
> Making sure that IETF provides good implementation guidelines and
> requirements for all ciphers might be as important.
>
> /John
>
>
> On 25/08/16 05:28, "Cfrg on behalf of Peter Gutmann"
> <cfrg-boun...@irtf.org on behalf of pgut...@cs.auckland.ac.nz> wrote:
>
>> Tony Arcieri <basc...@gmail.com> writes:
>>
>>> Should there be a 3DES "diediedie"?
>>
>> Only if there's an actual issue. 3DES is still very widely supported
>> (particularly in financial systems and embedded), and provides a useful
>> backup to AES. An attack that recovers cookie if you can record 785GB
>> of traffic isn't anything I'm losing any sleep over.
>>
>> Peter.
>> _______________________________________________
>> Cfrg mailing list
>> c...@irtf.org
>> https://www.irtf.org/mailman/listinfo/cfrg
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>