[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Thoughts on a basic encryption mode

To: "James P. Hughes" <hughes@hughes.network.com>
Subject: Re: Thoughts on a basic encryption mode
From: Steve Kent <kent@BBN.COM>
Date: Tue, 02 Aug 94 10:49:00 -0400
Cc: ipsec@ans.net
In-Reply-To: Your message of Tue, 02 Aug 94 09:39:34 -0500. <9408020939.ZM13610@hughes.network.com>

Jim,

	I agree with the general thrust of your observations.  When I
teach my tutorial on network security, I argue in favor of per-packet
IVs.  Without their use, identical prefixes of packets are visible.  I
am less concerned about the ability you cite to do frequency analysis
with most of the Internet transport layer protocols, but in general
the use of a per-packet IV is a good practice.  However, I was
pointing out that the FIPS does allow for not using a per-packet IV
with CBC mode, which addresses the concern of Phil and others who want
to be frugal about bandwidth in wireless environments.

Steve

Follow-Ups:

Re: Thoughts on a basic encryption mode

From: uri@watson.ibm.com

References:

Re: Thoughts on a basic encryption mode

From: hughes@hughes.network.com (James P. Hughes)

Prev by Date: Re: SIPP and SKIP. 2 subjects.
Next by Date: Re: Thoughts...
Prev by thread: Re: Thoughts on a basic encryption mode
Next by thread: Re: Thoughts on a basic encryption mode
Index(es):
- Main
- Thread