[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Human I&A, IPsec, and their non-relationship

To: karn@qualcomm.com
Subject: Re: Human I&A, IPsec, and their non-relationship
From: " " <amir@watson.ibm.com>
Date: Mon, 19 Dec 1994 09:57:51 -0500
Cc: uri@watson.ibm.com, ho@cs.arizona.edu, atkinson@sundance.itd.nrl.navy.mil, ipsec@ans.net
In-Reply-To: Your message of "Sun, 18 Dec 1994 18:07:00 PST." <199412190207.SAA01264@unix.ka9q.ampr.org>


Phil, you are right: the key is doing frequent, efficient updates of
the `session keys'. Your suggestion below is essentially identical to
what we proposed (in MKMP); you need to deal with the protocol to do this
to avoid replay, loss of sync etc, which is exactly the MKMP protocol.

> The session key will probably be generated along the lines of
>
> key = MD5(DH shared secret, cookie1, cookie2, SAID)
>
> where cookie1 and cookie2 are the Photuris cookies in sort order.
>
> This clearly makes session key establishment cheap enough to permit
> frequent session rekeying. E.g., each SAID could be given an
> administrative lifetime in seconds and/or packets, after which a new
> one is created with a new key, the old one is destroyed, and traffic
> rerouted to use the new SAID.

I suggest we make sure that at least this component of deriving session keys
from master keys is one and common across all implementations. Furthermore
I agree with you that we can have a single protocol which is tunable to meet
different security/efficiency tradeoffs... I'll like to have more technical
discussion about this protocol to achieve all our goals. More on this later.

Best, Amir

References:

Re: Human I&A, IPsec, and their non-relationship

From: Phil Karn <karn@unix.ka9q.ampr.org>

Prev by Date: Re: Size of IV field in DES-CBC mode
Next by Date: Few SwiPe questions
Next by thread: Re: IPSEC at Dec IETF
Index(es):
- Main
- Thread