[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Granularity of authentication in swIPe
Phil,
As Ted Ts'o pointed out in a private message, the use of the
LEAF with SKIPJACK is a good example where an "IV" cannot be just a
sequence number. Certainly you wouldn't want IPSP to not be
compatible with FIPS 185 :-)! SKIPJACK wasn't the example I had in
mind, but it is representative of crypto hardware that insists on
generating the IV itself, to minimize the possibility of repeating
and IV already used under a given key.
Steve
Follow-Ups:
References: