
Re: Why DES in IPSEC ESP?



>> | Why was (single) DES chosen as the algorithm for the ESP part of IPSEC? 

Because people were going completely nuts about mandating something
not easily specifiable at all.  DES was an easier case to make than
3DES.

>> 	So, in order to ship sooner rather than later, DES was chosen.
>> 3DES will probably be available soon afterwards.

Shipping is irrelevant.  Perry is busily coding 3DES support into
NetBSD.  Once it's in the BSD network stack, it will spread
everywhere.  Presumably, someone will implement it outside the US as
well.

As Perry put it succinctly at a recent IETF meeting, people will not
necessarily use what is mandated.  They will use what is available.
If 3DES is in the freely available reference implementation (which it
will be), and it performs adequately, that is what will get used.

		Marc