Summary - IV field in DES-CBC mode
Options for shorter IV for IPSP DES-CBC modes of operation:
! 1) PAD with zeros ...
! 2) PAD with a fixed (non-zero) pattern
!! 3) use the SAID also (to get to 8-bytes)
4) PAD with SAID determined bits (secret to outside observer)
5) expand (with MD5) to 8-bytes
X 6) use part of IP address
!! 7) duplicating the 32 bits in each half of the IV
Option 4 adds yet another secret to negotiate. IVs do not need to be secret.
We do need to consider high speed implementations of IPSP. Option 5 (using MD5
to create the extra 32 bits of IV) would create significant extra processing.
Option 6 will not work.
This leaves options 1, 2, 3 and 7.
I am partial to option 3, using the SAID as part of the IV. Some DES
implementations expect the IV to be "in front" of the encrypted data.
Option 7 also seems quite simple...
Paul
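
Added example, not part of the original message: the four shortlisted options (1, 2, 3 and 7) written out as byte constructions, with checks for which of them make the 8-byte IV depend on the SA and whether option 3's IV is simply the 8 bytes in front of the ciphertext. Assumptions not stated in the message: a 32-bit SAID, big-endian encoding, padding appended on the right, the SAID placed immediately before the IV field in the packet, and 0xA5 bytes as the fixed pattern.

```python
import struct

FIXED_PAD = b"\xa5\xa5\xa5\xa5"  # constructed non-zero pattern for option 2

def expand_iv(option, iv32, said=0):
    """Build the 8-byte DES-CBC IV from the 4-byte IV field carried in the packet."""
    iv = struct.pack(">I", iv32)
    if option == 1:                      # pad with zeros
        return iv + b"\x00" * 4
    if option == 2:                      # pad with a fixed non-zero pattern
        return iv + FIXED_PAD
    if option == 3:                      # SAID supplies the other four bytes
        return struct.pack(">I", said) + iv
    if option == 7:                      # duplicate the 32 bits in each half
        return iv + iv
    raise ValueError("only the shortlisted options 1, 2, 3 and 7 are modelled")

def header(said, iv32):
    """Assumed packet layout: SAID, then IV field, then ciphertext."""
    return struct.pack(">II", said, iv32)

def said_dependent_options(iv32, said_a, said_b):
    """Options whose expanded IV differs when two SAs use the same IV field."""
    return [o for o in (1, 2, 3, 7)
            if expand_iv(o, iv32, said_a) != expand_iv(o, iv32, said_b)]

def is_injective(option, said, samples):
    """Distinct IV fields must give distinct 8-byte IVs under one SA."""
    samples = list(samples)
    return len({expand_iv(option, v, said) for v in samples}) == len(set(samples))

if __name__ == "__main__":
    said, iv32 = 0x0000012C, 0x01020304   # constructed sample values
    for opt in (1, 2, 3, 7):
        print(opt, expand_iv(opt, iv32, said).hex())
    # With option 3 the IV is already the 8 bytes in front of the ciphertext.
    print(header(said, iv32)[-8:] == expand_iv(3, iv32, said))
    print(said_dependent_options(iv32, 0x12C, 0x12D))
```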