[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Granularity of authentication in swIPe

To: Phil Karn <karn@qualcomm.com>
Subject: Re: Granularity of authentication in swIPe
From: Steve Kent <kent@BBN.COM>
Date: Fri, 17 Jun 94 16:10:11 -0400
Cc: ipsec@ans.net
In-Reply-To: Your message of Fri, 17 Jun 94 12:08:43 -0700. <199406171908.MAA26935@servo.qualcomm.com>

Phil,

	As Ted Ts'o pointed out in a private message, the use of the
LEAF with SKIPJACK is a good example where an "IV" cannot be just a
sequence number.  Certainly you wouldn't want IPSP to not be
compatible with FIPS 185 :-)!  SKIPJACK wasn't the example I had in
mind, but it is representative of crypto hardware that insists on
generating the IV itself, to minimize the possibility of repeating
and IV already used under a given key.

Steve

Follow-Ups:

Re: Granularity of authentication in swIPe

From: tytso@ATHENA.MIT.EDU (Theodore Ts'o)

References:

Re: Granularity of authentication in swIPe

From: Phil Karn <karn@qualcomm.com>

Prev by Date: Re: Granularity of authentication in swIPe
Next by Date: Re: Granularity of authentication in swIPe
Prev by thread: Re: Granularity of authentication in swIPe
Next by thread: Re: Granularity of authentication in swIPe
Index(es):
- Main
- Thread