
Re: Thoughts...



Phil,

	The error propagation of CBC is strictly limited, so using a
specified pad value at the end and checking it will not detect
modification that occurred more than one block earlier in the data
stream.  Given that limitation, it might be better to use a real
manipulation detection function, or, as you suggested, rely on the
transport layer error detection functions and view IPSP, in this
instance, as providing only "support for" integrity at higher layers.

	As for the IV issue, as I noted earlier, a per security
association IV would be consistent with the guidance of FIPS 81, the
DES modes standard.  It also might avoid any possible problems with
hardware that is designed to implement DES modes according to FIPS 81.
The incremental performance cost in a software implementation is just
that of XORing the 64-bit IV for the first block, which seems rather
minimal.

Steve
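The CBC error-propagation point made in the message above, worked through as an added example (not code from the original thread or from any IPSP implementation): a one-bit change in ciphertext block C[i] garbles plaintext block P[i] entirely, flips exactly the same bit position in P[i+1], and leaves every later block intact, so a trailing pad check only notices damage in the last block or the one before it. The 64-bit block cipher below is a constructed Feistel network built on SHA-256 so the example runs with the standard library alone; it stands in for DES and is not secure. The key, IV, message and pad format are all constructed for the demonstration.

```python
import hashlib

BLOCK = 8  # 64-bit blocks, as in DES / FIPS 81


def _round_fn(key: bytes, rnd: int, half: bytes) -> bytes:
    # Constructed toy round function (stand-in for DES, NOT secure): 32 bits
    # derived from SHA-256.  Any invertible 64-bit block cipher shows the
    # same CBC behaviour; this one just keeps the example self-contained.
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:4]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def block_encrypt(key: bytes, block: bytes) -> bytes:
    left, right = block[:4], block[4:]
    for rnd in range(16):
        left, right = right, _xor(left, _round_fn(key, rnd, right))
    return right + left  # final swap undone so decrypt mirrors encrypt


def block_decrypt(key: bytes, block: bytes) -> bytes:
    right, left = block[:4], block[4:]
    for rnd in reversed(range(16)):
        left, right = _xor(right, _round_fn(key, rnd, left)), left
    return left + right


def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    # C[i] = E(P[i] XOR C[i-1]), with C[-1] = IV.  The per-SA IV costs
    # exactly one 64-bit XOR on the first block, as the message notes.
    assert len(plaintext) % BLOCK == 0
    prev, out = iv, []
    for i in range(0, len(plaintext), BLOCK):
        prev = block_encrypt(key, _xor(plaintext[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    # P[i] = D(C[i]) XOR C[i-1].  A damaged C[i] garbles P[i] completely and
    # flips the same bit positions in P[i+1]; P[i+2] onward are untouched.
    assert len(ciphertext) % BLOCK == 0
    prev, out = iv, []
    for i in range(0, len(ciphertext), BLOCK):
        cur = ciphertext[i:i + BLOCK]
        out.append(_xor(block_decrypt(key, cur), prev))
        prev = cur
    return b"".join(out)


def pad(data: bytes) -> bytes:
    # Constructed "specified pad value" scheme: n trailing bytes of value n.
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def pad_ok(data: bytes) -> bool:
    if not data:
        return False
    n = data[-1]
    return 1 <= n <= BLOCK and data[-n:] == bytes([n]) * n


def flip_bit(data: bytes, block_index: int, bit: int) -> bytes:
    pos = block_index * BLOCK + bit // 8
    return data[:pos] + bytes([data[pos] ^ (1 << (bit % 8))]) + data[pos + 1:]


def corruption_effect(key: bytes, iv: bytes, plaintext: bytes,
                      block_index: int, bit: int = 0):
    """Encrypt, flip one ciphertext bit in the given block, decrypt, and
    return (differing-bit count per plaintext block, pad check result)."""
    padded = pad(plaintext)
    ct = cbc_encrypt(key, iv, padded)
    damaged = cbc_decrypt(key, iv, flip_bit(ct, block_index, bit))
    diffs = []
    for i in range(0, len(padded), BLOCK):
        x = _xor(padded[i:i + BLOCK], damaged[i:i + BLOCK])
        diffs.append(sum(bin(b).count("1") for b in x))
    return diffs, pad_ok(damaged)


# Constructed sample input: fixed key and IV, 47-byte message (6 padded blocks).
KEY = bytes(range(16))
IV = bytes.fromhex("0123456789abcdef")
MSG = b"IPSP payload for the CBC error propagation demo"

if __name__ == "__main__":
    for blk in range(len(pad(MSG)) // BLOCK):
        diffs, ok = corruption_effect(KEY, IV, MSG, blk)
        print(f"flip bit 0 of C[{blk}]: differing bits per P block {diffs}, "
              f"pad check {'passes' if ok else 'fails'}")
```

Corrupting any block other than the last two leaves the pad block untouched, so the pad check passes and the modification goes unnoticed; only a keyed manipulation detection function over the whole message, or an integrity check at another layer, covers the earlier blocks.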

