Re: iSCSI: nits on SRP text key lengths

To: Paul Koning <ni1d@arrl.net>
Subject: Re: iSCSI: nits on SRP text key lengths
From: "Julian Satran" <Julian_Satran@il.ibm.com>
Date: Thu, 11 Apr 2002 23:59:05 +0300
Cc: ips@ece.cmu.edu, owner-ips@ece.cmu.edu
Content-Type: multipart/alternative; boundary="=_alternative 006D0E2BC2256B98_="
Sender: owner-ips@ece.cmu.edu

This was left to leave room for larger groups when and if they are required/supported.

Julo

Paul Koning <ni1d@arrl.net>
Sent by: owner-ips@ece.cmu.edu

04/10/2002 11:51 PM
Please respond to Paul Koning

To: ips@ece.cmu.edu
cc:
Subject: iSCSI: nits on SRP text key lengths

The current draft talks about the length of the various binary data
keys used with SRP. The length limit is given as 1024 bytes, i.e.,
8192 bits, for all of the binary data items.

8192 makes sense only if we allow a field modulus of that size, which
doesn't make a whole lot of sense. If the groups are limited to those
defined in IKE, then the size limit becomes 1024 bits = 128 bytes. If
the groups defined in the ips-security draft are also allowed, then
the size limit is 2048 bits = 256 bytes.

The H(...) key in SRP is a SHA-1 hash output, which means its size
must be exactly 20 bytes.

paul

Follow-Ups:
- Re: iSCSI: nits on SRP text key lengths
  - From: Paul Koning <ni1d@arrl.net>

Prev by Date: Re: iscsi : Review Feedback on Rev 11-94.
Next by Date: DH-CHAP
Prev by thread: RE: iSCSI: nits on SRP text key lengths
Next by thread: Re: iSCSI: nits on SRP text key lengths
Index(es):
- Date
- Thread

Home

Last updated: Thu Apr 11 18:18:24 2002
9612 messages in chronological order