[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SIPP and SKIP. 2 subjects.




As was discussed at the IETF, the SIPP encapsulation was a concensus....

The only change was a version field of 4 bits.

First subject.

In thinking about the compatibility of SKIP (with its implicit key exchange)
with explicit key management, it seemed that SIPP encapsulation would require
that the version be used to differentiate SAIDs that were generated by explicit
key management and packets that use implicit key exchange of SKIP.

I would suggest that 2 versions be generated,

	0b0000 		= SKIP
	0b0001 		= Explicit key management.
	0b0010 - 0b1111 = Reserved.

Second subject.

In SKIP, could the overhead be reduced even further if the SAID was used cache
the session key (Kp) and, if the stream offset (IV or other per packet info)
were in the clear, then DES would not usually be needed at all on a per block
basis. DES would only be needed if Kp (and the SAID changes).  In SKIP, the
SAID could be a one way random identifier.

jim




Follow-Ups: References: