Why DES in IPSEC ESP?

Marc Horowitz marc at cam.ov.com
Thu Aug 10 09:10:56 PDT 1995


>> | Why was (single) DES chosen as the algorithm for the ESP part of IPSEC? 

Because people were going completely nuts about mandating something
not easily specifiable at all.  DES was an easier case to make than
3DES.

>> 	So, in order to ship sooner rather than later, DES was chosen.
>> 3DES will probably be available soon afterwards.

Shipping is irrelevant.  Perry is busily coding 3DES support into
NetBSD.  Once it's in the bsd network stack, it will spread
everywhere.  Presumably, someone will implement it outside the US as
well.

As Perry put it succinctly at a recent IETF meeting, people will not
necessarily use what is mandated.  They will use what is available.
If 3DES is in the freely available reference implementation (which it
will be), and it performs adequately, that is what will get used.

		Marc





