Christian,
Well, I think it is quite a simple trade-off. Increasing Sec increases
computational effort on both sides by equal amount. Increasing the length of
the hash increases computational effort only on the attacker side. As a result,
the hash bits are relatively valuable.
Jari, the effect of sec is different on both sides. The effort is not increased "by equal
amount" but rather "in the same proportion." Suppose that an attacker could crack
the 59 bit hash in a day with sec=0. Adding sec = 1 means that the attacker will have to try 65536
times as many keys. The time to crack becomes 65536 hours, i.e. about 7 years. The defender will
have to try 65536 instead of one to get the right sec, taking only a fraction of a second.
Right. I was imprecise in what I said. In the same proportion is right.
Jari
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
