Why? The responder can remember that generation 8 had a 20-bit difficulty level. If the attack then gets worse, than generation 9 is created with a 23-bit difficulty level.
The responder needs only remember the generation and associated difficulty level. > On Dec 4, 2014, at 1:07 AM, Graham Bartlett (grbartle) <grbar...@cisco.com> > wrote: > > > If the 1 byte 'difficulty level' has become the 'puzzle id', could we > break the 1 byte into two 4 bits? > > 1st 4 bits is 'puzzle/generation id', next 4bits is 'difficulty level', > this allows for 16 cycles for when every secret changes and still allows > 16 levels of puzzles.. > > (just a thought as if the difficulty level disappears you loose the > ability to set a the hardness of the puzzle) > > > On 03/12/2014 16:01, "Yoav Nir" <ynir.i...@gmail.com> wrote: > >> >>> On Dec 3, 2014, at 5:44 PM, Valery Smyslov <sva...@gmail.com> wrote: >>> >>> Hi Scott, >>> >>> this is almost identical to what I proposed in my original e-mail, >>> if you substitute "difficulty level" with "puzzle id². >> >> Or call it ³generation id², and increment it whenever you generate a new >> secret and/or change the difficulty level. _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
