List Info

Thread: NIST publishes new DSA draft
NIST publishes new DSA draft
user name
 2006-03-15 19:14:02 
On Tue, 14 Mar 2006 10:58:39 -0500 David Shaw 
<dshawjabberwocky.com> wrote:
>In the OpenPGP context, probably the most interesting
bit is that 
>the
>160-bit hash limit has been removed.  The sizes
supported are:
>
>* 1024-bit key, 160-bit hash (the current DSA)
>* 2048-bit key, 224-bit hash (presumably aimed at
SHA-224)
>* 2048-bit key, 256-bit hash (presumably aimed at
SHA-256)
>* 3072-bit key, 256-bit hash (presumably aimed at
SHA-256)
>
>It also adds the concept of using a larger hash than
will fit by
>taking the leftmost bits.
>
>http://
csrc.nist.gov/publications/drafts.html

the draft also refers to a previous draft of August/2005 (SP
800-
57)
which publishes a table of comparable strengths:
http://csrc.nist.gov/publications/nistpubs/800-57/SP8
00-57-
Part1.pdf
p.63

note that 3-DES is now referred to as TDEA
should this perhaps be included in rfc 2440 when 3-DES is 
mentioned?
i.e.
when 3-DES is first mentioned, 
it should be referred to as 3-DES(also known as TDEA)  


vedaal



Concerned about your privacy? Instantly send FREE secure
email, no account required
http://www.hushmai
l.com/send?l=480

Get the best prices on SSL certificates from Hushmail
https://www.hushssl.com
?l=485
NIST publishes new DSA draft
user name
 2006-03-19 20:02:11 
> note that 3-DES is now referred to as TDEA
> should this perhaps be included in rfc 2440 when 3-DES
is
> mentioned?
> i.e.
> when 3-DES is first mentioned,
> it should be referred to as 3-DES(also known as TDEA)

They're not the same. There is DES and DEA, just as there
is DSA and  
DSS. In each pair, there is an Algorithm and a Standard. The
standard  
is the algorithm plus other stuff. In the case of DES, it
specifies  
that the low bit of each byte (excuse me, octet) of the key
is a  
parity bit (and possibly other stuff I don't remember).
Everyone uses  
DES, not DEA. What we use is 3DES, not TDEA. In the case of
DSS, we  
*do* mean DSA because there were people who wanted (for
example) to  
use RIPE-MD/160 with DSA, not SHA-1, as DSS.

I suppose we could call it "TDES," but it's
been called "3DES" or  
"Triple-DES" for ages. If all of a sudden we
start calling it TDES,  
there will be many people who will rightly mutter,
"TDES? What the % 
$!
is TDES? Oh, *3DES*, why didn't you say so?"

	Jon
[1-2]

about | contact  Other archives ( Real Estate discussion Medical topics )