[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Internet Protocol Security Protocol (ipsec)

To: Bob Smart <smart@mel.dit.csiro.au>
Subject: Re: Internet Protocol Security Protocol (ipsec)
From: Steve Kent <kent@BBN.COM>
Date: Mon, 28 Jun 93 10:31:06 -0400
Cc: ipsec@ans.net, kent@BBN.COM
In-Reply-To: Your message of Mon, 28 Jun 93 09:55:57 +1000. <9306272355.AA29395@squid.mel.dit.CSIRO.AU>

Bob,

	There is a DES mode defined (OFB) for providing the
precomputation capability you describe.  It uses the DES in a feedback
arrangement to generate a pseudo-random sequence from a random or
pesdue-random seed value, but it fails to provide unpredictable error
propogation, an important feature in support of detecting modification
(as does your scheme).  I'd suggest you adopt that scheme if you want
a precomputation capability, but it would be less desirable for
general use in the IPSEC context because of this defficiency.

Steve

Follow-Ups:

Re: Internet Protocol Security Protocol (ipsec)

From: Bob Smart <smart@mel.dit.csiro.au>

References:

Re: Internet Protocol Security Protocol (ipsec)

From: Bob Smart <smart@mel.dit.csiro.au>

Prev by Date: Re: Internet Protocol Security Protocol (ipsec)
Next by Date: Re: Internet Protocol Security Protocol (ipsec)
Prev by thread: Re: Internet Protocol Security Protocol (ipsec)
Next by thread: Re: Internet Protocol Security Protocol (ipsec)
Index(es):
- Main
- Thread