
    RE: iSCSI: nits on SRP text key lengths



    Careful - these keys have to be sent as text, not raw binary.
    If a hex encoding is used, one gets 4 bits to the byte rather
    than 8, so the current max would be 4096 bits.
    
    Also the discussion of symmetric and asymmetric key lengths
    in draft-orman-public-key-lengths-05.txt suggests that
    a 4096 bit limit might be prudent to give us some breathing
    room going into the future (and one could use that draft to
    argue for a significantly larger limit, but I won't).  I
    recommend reading the entire draft (it'll be out as an RFC
    soon), as it's very tempting to oversimplify this sort of
    key length discussion, which has some subtleties.  For
    example, one might think that if a 128 AES key were used
    with IPsec, an equivalent strength IKE group (larger than
    2048 bits) would be needed, but that is *not* necessarily
    the case.
    
    Thanks,
    --David
    ---------------------------------------------------
    David L. Black, Senior Technologist
    EMC Corporation, 42 South St., Hopkinton, MA  01748
    +1 (508) 249-6449 *NEW*      FAX: +1 (508) 497-8500
    black_david@emc.com         Cell: +1 (978) 394-7754
    ---------------------------------------------------
    
    > -----Original Message-----
    > From: Paul Koning [mailto:ni1d@arrl.net]
    > Sent: Wednesday, April 10, 2002 4:52 PM
    > To: ips@ece.cmu.edu
    > Subject: iSCSI: nits on SRP text key lengths
    > 
    > 
    > The current draft talks about the length of the various binary data
    > keys used with SRP.  The length limit is given as 1024 bytes, i.e.,
    > 8192 bits, for all of the binary data items.
    > 
    > 8192 makes sense only if we allow a field modulus of that size, which
    > doesn't make a whole lot of sense.  If the groups are limited to those
    > defined in IKE, then the size limit becomes 1024 bits = 128 bytes.  If
    > the groups defined in the ips-security draft are also allowed, then
    > the size limit is 2048 bits = 256 bytes.
    > 
    > The H(...) key in SRP is a SHA-1 hash output, which means its size
    > must be exactly 20 bytes.
    > 
    >      paul
    > 
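
Added example, not part of either message: a receiver-side check for hex-encoded SRP values that applies the three limits discussed in this thread (text length, group modulus size, and the 20-byte SHA-1 output). The function names, the handling of an optional `0x` prefix and the sample values are assumptions made for illustration.

```python
import hashlib
import string

MAX_TEXT_BYTES = 1024                    # text length limit quoted in the thread
SHA1_LEN = hashlib.sha1().digest_size    # 20 bytes

def max_binary_bits(text_bytes=MAX_TEXT_BYTES, bits_per_char=4):
    """Bits of binary data that fit in text_bytes characters of encoded text."""
    return text_bytes * bits_per_char

def decode_hex(text):
    """Strictly decode hex text; an optional 0x prefix is not counted (assumption)."""
    digits = text[2:] if text[:2].lower() == "0x" else text
    if not digits or any(c not in string.hexdigits for c in digits):
        raise ValueError("not a hex string")
    if len(digits) > MAX_TEXT_BYTES:
        raise ValueError(f"{len(digits)} hex digits exceeds {MAX_TEXT_BYTES}")
    # Left-pad odd-length input so it decodes to whole bytes.
    return bytes.fromhex(digits.rjust(len(digits) + len(digits) % 2, "0"))

def check_value(kind, text, group_bits=2048):
    """Return a list of problems with one received value (empty list = accepted).

    kind is "group" for a value in the SRP group or "hash" for the H(...) value.
    This is a size check only, not a range check against the modulus itself.
    """
    try:
        raw = decode_hex(text)
    except ValueError as exc:
        return [str(exc)]
    if kind == "hash":
        if len(raw) != SHA1_LEN:
            return [f"hash is {len(raw)} bytes, expected {SHA1_LEN}"]
        return []
    bits = int.from_bytes(raw, "big").bit_length()
    if bits > group_bits:
        return [f"value is {bits} bits, group modulus is {group_bits}"]
    return []

if __name__ == "__main__":
    # Constructed sample values, not taken from any real exchange.
    samples = [
        ("group", "0x" + "f" * 512, 2048),
        ("group", "0x" + "f" * 512, 1024),
        ("hash", hashlib.sha1(b"constructed").hexdigest(), 2048),
        ("group", "f" * 1026, 8192),
    ]
    for kind, text, group_bits in samples:
        print(kind, group_bits, check_value(kind, text, group_bits) or "ok")
```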
    


Last updated: Wed Apr 10 18:18:31 2002