Thread Links			Date Links
Thread Prev	Thread Next	Thread Index	Date Prev	Date Next	Date Index

[LinkSec] Factoid: MIC size

To: stds-802-linksec@ieee.org
Subject: [LinkSec] Factoid: MIC size
From: "Leech, Marcus (EXCHANGE:FITZ:8M86)" <mleech@NORTELNETWORKS.COM>
Date: Tue, 02 Sep 2003 15:09:55 -0400
Organization: Nortel Networks
Sender: owner-stds-802-linksec@majordomo.ieee.org


Under the standard birthday attack collision assumptions, the probability
  of collision becomes significant when the number of messages under a given
  key approachs sqrt(2^size-of-mic).

That means that for a 64-bit MIC, you need to change keys before 2^32 messages
  have been sent under a key.  For a 10gbit link, under assumption of average
  1000-bit messages, that's a key change every 7.15 minutes or so.  That impacts
  the efficiency of the key-exchange algorithm, and the decision-point for
  key-change (if you algorithm for key-changing is slow, you want to start trying
  to do a key-change rather early, so that there's NO possibility of exceeding
  the collision limit).

Since we seem to be in the "how many bits can we realistically add to the header"
  phase, I'd vote for more MIC bits than 64.

-- 
----------------------------------------------------------------------
Marcus Leech                             Mail:
Advisor                                  Phone: (ESN) 393-9145  +1 613 763 9145
Security Architecture and Planning       Fax:   (ESN) 393-2754  +1 613 763 2754
Nortel Networks                          mleech@nortelnetworks.com
-----------------Expressed opinions are my own, not my employer's------

Follow-Ups:
- Re: [LinkSec] Factoid: MIC size
  - From: Mats Näslund <mats.naslund@ericsson.com>
- Re: [LinkSec] Factoid: MIC size
  - From: Russ Housley <housley@vigilsec.com>

Prev by Date: Re: [LinkSec] Factoid: MIC size
Next by Date: [LinkSec] Reminder: linksec call on Tuesday at 2:00pm ET
Prev by thread: [LinkSec] algorithm choices - criteria
Next by thread: Re: [LinkSec] Factoid: MIC size
Index(es):
- Date
- Thread