[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IVs



How about if we just use the outer (plaintext) IP ID field as a
confounder/IV? After all, it's free, and when combined with the source
IP address it's intended to make each packet relatively unique.

I know it's only 16 bits, but that still gives us 65536 unique packet
IVs.  Simply rekeying (e.g., creating new SAIDs) more often than that
will take care of the rest.

Phil


Follow-Ups: References: