Re: AES Implementation

From: kurt kruegel (kurt@cybernex.net)
Date: Mon Sep 16 2002 - 14:12:52 GMT-3

• Next message: beda jain: "Re: Gargly/Echo noise with frame-relay RTP"
• Previous message: Chuck Church: "RE: Interfaces not specifically defined ..."
• Maybe in reply to: Larson, Chris: "AES Implementation"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

it seems so
since right now cisco has started with aes128

i havent spend that much time with it
the initial version supports only aes128
for phase 1 and phase 2.

"Larson, Chris" wrote:

> > I have been doing some reasearch since my original post.
> >
> > AES was adopted as a standard by NIST.
> >
> > The AES algorithm itself as a method of encrypting may have been
> > standardised, but there still needs to be some standardising method of
> > "glue" as you called it, or implementation in using AES in IPSEC, or IKE
> > etc. I was trying to find out where it was on these issues. There is a
> > draft on this and several other in the IETF IPSEC working group right now.
> > The latest is a draft with the IPSEC working group expires this December.
> > It only ran 6 months from June.
> [Larson, Chris]
>
> I am still trying to find out what that means for early adopters.
> Any interoperability issues?? I had thought that IKE would only do 56 and
> 128 bit key exchanges. If this is true, that would mean that the 256 bit AES
> keys are cannot be used currently in any products that implement AES unless
> done through a manual setup. Is this accurate?
>
> >
> >
> >
> >
> >
> >
> > -----Original Message-----
> > From: Ignas Bagdonas [SMTP:Ignas.Bagdonas@sc.vu.lt]
> > Sent: Monday, September 16, 2002 12:26 PM
> > To: Larson, Chris
> > Subject: Re: AES Implementation
> >
> >
> > ,
> >
> > > I think AES is still in a draft at IETF, however I have heard that
> > seom
> > > vendors are supporting it. I would assume this means
> > interoperability is
> > > spotty at best until IETF finished the draft? Is this correct,
> >
> > That is not correct. AES (or Rijndael, as it is originally named)
> > was
> > finally ratified circa a year ago, and IETF did no direct activity
> > on it.
> > As of interoperability, there are no interoperability issues for AES
> > itself - only for gluing mechanisms.
> >
> >
> > > and does Cisco have an implementation in any of their products yet
> > that
> > > you people know of? I have read the Cisco position paper already
> > so that
> > > was not helpful. Has anyone seen AES as an available cipher in any
> > of
> > > the products they are using?
> >
> >
> > There is an EFT for router platforms. Although I don't know when it
> > will
> > become available. Seems like it has had to already, as often. ;-)
> >
> >
> > Ignas

• Next message: beda jain: "Re: Gargly/Echo noise with frame-relay RTP"
• Previous message: Chuck Church: "RE: Interfaces not specifically defined ..."
• Maybe in reply to: Larson, Chris: "AES Implementation"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Oct 07 2002 - 07:43:53 GMT-3