|
| From: | shishi-commit |
| Subject: | Add des(3)-none. [...] |
| Date: | Thu, 11 Dec 2003 23:30:28 +0100 |
| Commit from jas | 2003-12-11 23:30 CET |
Add des(3)-none. Fix.
| Module | File name | Revision | |||
|---|---|---|---|---|---|
| shishi | doc/shishi.texi | 1.106 | >>> | 1.107 | |
| shishi/doc/shishi.texi 1.106 >>> 1.107 |
|---|
| Line 391 |
|
actual key size, not the effective key space as far as a brute force attack is concerned. |
|
+ As you may infer from the descriptions, there is currently no + encryption algorithm and only one checksum algorithm that inspire + great confidence in its design. Hopefully this will change over time. + |
|
@cindex DES @cindex 3DES @cindex AES |
| Line 417 |
|
where the key is derived from the base key in a creative way. It is weak. It is associated with the @code{arcfour-hmac-md5} checksum. |
|
+ @item des-cbc-none + + @code{des-cbc-none} is DES encryption and decryption with 56 bit keys + and 8 byte blocks in CBC mode, using a zero IV. The keys can be + derived from passwords by an obscure application specific algorithm. + It is weak, because it offers no integrity protection. This is + typically only used by RFC 1964 GSS-API implementations (which try to + protect integrity using an ad-hoc solution). It is associated with + the @code{NULL} checksum. + |
|
@item des-cbc-crc @code{des-cbc-crc} is DES encryption and decryption with 56 bit keys |
|
- and 8 byte blocks in CBC mode, using the key as IV. The keys can be - derived from passwords by an obscure application specific - algorithm. Data is integrity protected with an unkeyed but encrypted |
|
+ and 8 byte blocks in CBC mode, using the key as IV. The keys can be + derived from passwords by an obscure application specific algorithm. + Data is integrity protected with an unkeyed but encrypted |
|
@code{CRC32}-like checksum. It is weak. It is associated with the @code{rsa-md5-des} checksum. @item des-cbc-md4 @code{des-cbc-md4} is DES encryption and decryption with 56 bit keys |
|
- and 8 byte blocks in CBC mode, using a zero IV. The keys can be - derived from passwords by an obscure application specific - algorithm. Data is integrity protected with an unkeyed but encrypted - MD4 hash. It is weak. It is associated with the @code{rsa-md4-des} - checksum. |
|
+ and 8 byte blocks in CBC mode, using a zero IV. The keys can be + derived from passwords by an obscure application specific algorithm. + Data is integrity protected with an unkeyed but encrypted MD4 hash. + It is weak. It is associated with the @code{rsa-md4-des} checksum. |
|
@item des-cbc-md5 @code{des-cbc-md5} is DES encryption and decryption with 56 bit keys and 8 byte blocks in CBC mode, using a zero IV. The keys can be |
|
- derived from passwords by an obscure application specific - algorithm. Data is integrity protected with an unkeyed but encrypted - MD5 hash. It is weak. It is associated with the @code{rsa-md5-des} - checksum. This is the strongest RFC 1510 interoperable encryption - mechanism. |
|
+ derived from passwords by an obscure application specific algorithm. + Data is integrity protected with an unkeyed but encrypted MD5 hash. + It is weak. It is associated with the @code{rsa-md5-des} checksum. + This is the strongest RFC 1510 interoperable encryption mechanism. + + @item des3-cbc-none + + @code{des3-cbc-none} is DES encryption and decryption with three 56 + bit keys (effective key size 112 bits) and 8 byte blocks in CBC mode. + The keys can be derived from passwords by the same algorithm as + @code{des3-cbc-sha1-kd}. It is weak, because it offers no integrity + protection. This is typically only used by GSS-API implementations + (which try to protect integrity using an ad-hoc solution) for + interoperability with some existing Kerberos GSS implementations. It + is associated with the @code{NULL} checksum. |
|
@item des3-cbc-sha1-kd @code{des3-cbc-sha1-kd} is DES encryption and decryption with three 56 |
|
- bit keys (effective key size 112 bits) and 8 byte blocks in CBC - mode. The keys can be derived from passwords by a algorithm based on - the paper "A Better Key Schedule For DES-like Ciphers" |
|
+ bit keys (effective key size 112 bits) and 8 byte blocks in CBC mode. + The keys can be derived from passwords by a algorithm based on the + paper "A Better Key Schedule For DES-like Ciphers" |
|
@address@hiddenhttp://www.research.att.com/~smb/papers/ides.pdf}} by Uri Blumenthal and Steven M. Bellovin (it is not clear if the algorithm, and the way it is used, is used by any other protocols, |
| Line 490 |
|
used. However, checksum mechanisms can be used with other encryption mechanisms, as long as they are compatible in terms of key format etc. Here are the names of the supported checksum mechanisms, with some |
|
- notes on their status and the compatible encryption mechanisms. They |
|
+ notes on their status and the compatible encryption mechanisms. They |
|
are ordered by increased security as perceived by the author. @table @code |
| Line 571 |
|
Several of the cipher suites have long names that can be hard to memorize. For your convenience, the following short-hand aliases |
|
- exists. |
|
+ exists. They can be used wherever the full encryption names are used. |
|
@table @code |
| [Prev in Thread] | Current Thread | [Next in Thread] |