Re: IVs, summary of discussion

[Ran Atkinson <atkinson@sundance.itd.nrl.navy.mil>]

On Aug 27, 23:42, Phil Karn wrote:
% Subject: Re: IVs, summary of discussion
%
%  So I take it that there's general agreement that Mode 1 encryption
% (single key DES/CBC, as we've already discussed) can use the IPv4 ID
% field as the IV? Remember that we intend this mode to be mandatory in
% all IPSEC implementations to provide basic interoperability (only the
% implementation is mandatory, not its actual use). So it's really
% important that it not be too difficult to add to existing
% implementations.
}-- End of excerpt from Phil Karn
 
All,

  Last Monday I gave an MBONE talk on the IPv6 security stuff as part
of the open IPv6 Design Review.  During that talk, Jeff Schiller
suggested that DES OFB mode might be preferable since IP can both lose
and re-order packets.  I'm wondering what folks on this list think of
that idea instead of DES CBC mode.  

Phil,
  What would you propose for the IV for use with IPv6 ?

Ran
atkinson@itd.nrl.navy.mil

---

Follow-Ups:

• Re: IVs, summary of discussion
• From: "Perry E. Metzger" <perry@imsi.com>
• Re: IVs, summary of discussion
• From: Steve Kent <kent@BBN.COM>

References:

• Re: IVs, summary of discussion
• From: Phil Karn <karn@qualcomm.com>

---

• Prev by Date: Re: IVs, summary of discussion
• Next by Date: Re: IVs, summary of discussion
• Prev by thread: Re: IVs, summary of discussion
• Next by thread: Re: IVs, summary of discussion
• Index(es):
  • Main
  • Thread