[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Size of IV field in DES-CBC mode

To: karn@qualcomm.com
Subject: Re: Size of IV field in DES-CBC mode
From: Carl Muckenhirn <cfm@columbia.sparta.com>
Date: Mon, 19 Dec 94 07:21:58 -0500
Cc: ipsec@ans.net, cfm@columbia.sparta.com
In-Reply-To: Your message of "Mon, 19 Dec 94 02:48:13 PST." <199412191048.CAA01748@unix.ka9q.ampr.org>

In message <199412191048.CAA01748@unix.ka9q.ampr.org>  you wrote:
> I almost hate to bring this up since we seemed to have such a
> consensus at the first San Jose meeting, but...
> 
> Do we really need a full 8 bytes for the IV field in the baseline
> DES-CBC mode? 4 bytes would be enough to maintain 32-bit alignment of
> the next-layer transport header (e.g., TCP, UDP or IP). And if these 4
> bytes are mapped properly into the actual 8-byte DES IV field they
> should do an acceptable job of ensuring that every packet ciphertext
> is completely different even when the corresponding plaintext begins
> with constant values (e.g., TCP or UDP port numbers).
> 
> Comments?
> 
> Phil
> 
> 

I agree that 4 bytes should be more than enough (4G datagrams). Also, in the
multicast case (not much of a concern so far) you simply concatenate the
sending IPaddr and the transmitted IV for your 8 byte DES IV. Now we don't
have to worry about IV clashes among the multicast participants. This
approach should also work for unicast IP. There no need for "mapping" between
the 4 byte IV and the full IV (cryptographically, there is not a
problem (for CBC) with simply left or right padding the IV).

carl.

References:

Size of IV field in DES-CBC mode

From: Phil Karn <karn@unix.ka9q.ampr.org>

Prev by Date: Size of IV field in DES-CBC mode
Next by Date: Re: Size of IV field in DES-CBC mode
Prev by thread: Size of IV field in DES-CBC mode
Next by thread: Re: Size of IV field in DES-CBC mode
Index(es):
- Main
- Thread