[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IVs

To: karn@qualcomm.com (Phil Karn)
Subject: Re: IVs
From: uri@watson.ibm.com
Date: Wed, 3 Aug 1994 23:38:32 -0500 (EDT)
Cc: kent@BBN.COM, hobbit@asylum.sf.ca.us, ipsec@ans.net
In-Reply-To: <199408040045.RAA09740@servo.qualcomm.com> from "Phil Karn" at Aug 3, 94 05:45:51 pm
Reply-To: uri@watson.ibm.com

Phil Karn says:
> How about if we just use the outer (plaintext) IP ID field as a
> confounder/IV? After all, it's free, and when combined with the source
> IP address it's intended to make each packet relatively unique.
> I know it's only 16 bits, but that still gives us 65536 unique packet
> IVs.  Simply rekeying (e.g., creating new SAIDs) more often than that
> will take care of the rest.

I'm all for it.
--
Regards,
Uri         uri@watson.ibm.com      acheron!angmar!uri 	N2RIU
-----------
<Disclamer>

References:

Re: IVs

From: Phil Karn <karn@qualcomm.com>

Prev by Date: working keys
Next by Date: Re[2]: reserving some SAIDs
Prev by thread: Re: IVs
Next by thread: Re: IVs
Index(es):
- Main
- Thread