Re: [LinkSec] Factoid: MIC size
IPsec uses a MIC of 96 bits for similar reasons.
Russ
At 03:09 PM 9/2/2003 -0400, Leech, Marcus (EXCHANGE:FITZ:8M86) wrote:
>Under the standard birthday attack collision assumptions, the probability
> of collision becomes significant when the number of messages under a given
> key approachs sqrt(2^size-of-mic).
>
>That means that for a 64-bit MIC, you need to change keys before 2^32 messages
> have been sent under a key. For a 10gbit link, under assumption of average
> 1000-bit messages, that's a key change every 7.15 minutes or so. That
> impacts
> the efficiency of the key-exchange algorithm, and the decision-point for
> key-change (if you algorithm for key-changing is slow, you want to
> start trying
> to do a key-change rather early, so that there's NO possibility of
> exceeding
> the collision limit).
>
>Since we seem to be in the "how many bits can we realistically add to the
>header"
> phase, I'd vote for more MIC bits than 64.
>
>--
>----------------------------------------------------------------------
>Marcus Leech Mail:
>Advisor Phone: (ESN) 393-9145 +1 613 763
>9145
>Security Architecture and Planning Fax: (ESN) 393-2754 +1 613 763
>2754
>Nortel Networks mleech@nortelnetworks.com
>-----------------Expressed opinions are my own, not my employer's------