[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IPv4 Security redux

To: karn@qualcomm.com (Phil Karn)
Subject: Re: IPv4 Security redux
From: smb@research.att.com
Date: Thu, 22 Apr 93 04:30:45 EDT
Cc: ipsec@ans.net

	 I don't really see the point of having multiple keys that are going
	 to be stored right next to each other in the same trusted kernel anyway,
	 but I guess if it's a real requirement we might as well add it.

	 The only case where I think it really makes sense to have multiple keys
	 is when you have multiple ciphers with different performance/security
	 tradeoffs.

Exactly.  The Motorola SP3 box I saw at Interop runs at ~600 packets/sec.  
The DES encryptors there ran at or near Ethernet speeds.  If you want
another example, just consider triple-DES vs. DES.

	 A question here is how applicable the military multi-level
	 compartmental security model is to commercial applications.

Well, given CIPSO, I'd say it does apply.

Follow-Ups:

Re: IPv4 Security & MLS

From: atkinson@tengwar.itd.nrl.navy.mil (Ran Atkinson)

Prev by Date: Re: IPv4 Security redux
Next by Date: Re: IPv4 Security & MLS
Prev by thread: Re: IPv4 Security redux
Next by thread: Re: IPv4 Security & MLS
Index(es):
- Main
- Thread