
Re: Internet Protocol Security Protocol (ipsec)



>The key management will be specified as an application layer protocol
>that is independent of the lower layer security protocol.

I can't help reading this to mean a new protocol. It is hard to believe
we wouldn't want to use existing directory services such as the DNS.
Actually a pet project of mine is to define X.509 using the DNS
instead of X.500, but in such a way that you get exactly the same
information whether you go through the DNS or X.500. This is not hard.

>   June 93 Post as an Internet-Draft the IP Security Protocol.

Is this the Karn-JI proposal? Are we going to see outlines of these
documents before they come out as IDs? That's the way it was done in
the MIME WG and it seemed to be a useful step. Well I have a comment
which may or may not be relevant since I don't have a clue what is
planned, but here it is:

I recently added X.509-based encryption to Telnet. It used DES in
CBC mode to encrypt the session. On data across a high speed link
(e.g. from localhost) there was a noticeable added jerkiness to output.
The problem is that the feedback mechanism in CBC mode means that you
are forced to do the DES calculations at the last moment.

This problem can be overcome if we use a mechanism with no feedback.
Both sides generate the same pseudo-random number sequence and each
8-byte block of that sequence is DES encrypted (so the pseudo-random
number sequence itself doesn't have to be cryptographically strong).
This gives a sequence of bytes that each side XORs against the input
or output.

The nice property of this is that both sides can generate a circular
buffer of future values that will be required using as much buffer
space as they can afford. The DES encryption can be done during the
end-system's idle time and not at the crucial moment in time when
the incoming or outgoing data has to be processed. This seems likely
to be even more important for a network layer encryption scheme than
for telnet.

Bob Smart

Robert.Smart@mel.dit.csiro.au                      Open Systems Program
CSIRO Division of Information Technology           phone: +61 3 282 2625
723 Swanston St, Carlton VIC 3053, Australia       fax:   +61 3 282 2600
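The no-feedback keystream scheme described in the post, as an added example that is not code from the post or from the ipsec working group. It assumes a stand-in block cipher (HMAC-SHA256 truncated to 8 bytes, because the Python standard library has no DES; the construction keystream block = E_k(PRNG block) is unchanged), a 64-bit LCG with arbitrary constants as the shared non-cryptographic PRNG, and constructed key, seed and message values. Both endpoints precompute keystream into a buffer during idle time and then do only an XOR per byte when data arrives.

```python
import hmac
import hashlib
from collections import deque

BLOCK = 8  # DES block size in bytes; one keystream block per PRNG output


def block_encrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in for a single DES block encryption E_k(block).

    Assumption: the standard library has no DES, so HMAC-SHA256 truncated
    to 8 bytes plays the role of the block cipher. The keystream
    construction is the same: keystream block = E_k(PRNG block).
    """
    if len(block) != BLOCK:
        raise ValueError("block must be exactly %d bytes" % BLOCK)
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]


class KeystreamEndpoint:
    """One side of the link. Both sides are built with the same key and seed."""

    def __init__(self, key: bytes, seed: int, buffer_blocks: int):
        self.key = key
        self.state = seed & ((1 << 64) - 1)      # shared PRNG state
        self.capacity = buffer_blocks * BLOCK    # "as much buffer space as they can afford"
        self.buf = deque()                       # precomputed keystream bytes, consumed FIFO
        self.blocks_generated = 0
        self.bytes_consumed = 0

    def _next_prng_block(self) -> bytes:
        # 64-bit LCG (constants are an arbitrary assumption). It is NOT
        # cryptographically strong and, as the post says, need not be:
        # every output passes through the block cipher before use.
        self.state = (self.state * 6364136223846793005 + 1442695040888963407) & ((1 << 64) - 1)
        return self.state.to_bytes(BLOCK, "big")

    def fill(self) -> int:
        """Idle-time work: encrypt PRNG blocks until the buffer is full."""
        while len(self.buf) + BLOCK <= self.capacity:
            self.buf.extend(block_encrypt(self.key, self._next_prng_block()))
            self.blocks_generated += 1
        return len(self.buf)

    def process(self, data: bytes) -> bytes:
        """Data-time work: one XOR per byte. Encrypt and decrypt are identical."""
        out = bytearray()
        for b in data:
            if not self.buf:       # buffer ran dry: compute on the spot, as CBC always must
                self.fill()
            out.append(b ^ self.buf.popleft())
        self.bytes_consumed += len(data)
        return bytes(out)


def run_session(message: bytes, buffer_blocks: int = 4):
    """Constructed scenario: sender and receiver share key and seed, precompute
    keystream while idle, then exchange one message. Returns (ciphertext,
    recovered plaintext, in_sync); in_sync checks both sides consumed the
    same amount of keystream, which is what keeps the two buffers aligned."""
    key = b"constructed-test-key"   # constructed; a real key comes from key management
    seed = 0x5EED                   # constructed; must be shared by both sides
    sender = KeystreamEndpoint(key, seed, buffer_blocks)
    receiver = KeystreamEndpoint(key, seed, buffer_blocks)
    sender.fill()
    receiver.fill()
    ciphertext = sender.process(message)
    recovered = receiver.process(ciphertext)
    in_sync = sender.bytes_consumed == receiver.bytes_consumed
    return ciphertext, recovered, in_sync


if __name__ == "__main__":
    msg = b"login: bob\r\n"
    ct, pt, ok = run_session(msg)
    print(ct.hex(), pt, ok)
```

Because each keystream block depends only on the shared PRNG state and not on any previous ciphertext, `fill()` can run whenever the end system is idle, which is exactly the property CBC's ciphertext feedback denies. The cost is that the two sides must stay byte-aligned on keystream consumption (hence the `bytes_consumed` check), and a key/seed pair must never be used for more than one session, since reusing keystream against different plaintexts leaks their XOR.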

