Re: End to End integrity (was 4 byte vs 8 byte IVs for DES)

[Phil Karn <karn@unix.ka9q.ampr.org>]

>in San Jose. For very good reasons (so that you can have guarantees
>about the integrity of the addresses) Ran's spec for v6 includes a
>pseudoheader consisting of the invariant parts of the header of the IP
>datagram in his authentication header. I strongly feel we should be
>specifying something similar. This is doubly important in the

I'm not sure I agree. I think there's a fairly widespread feeling that
the pseudoheaders in the UDP and TCP checksums were a mistake, or at
least not really necessary. Even if deliberate misrouting is an issue,
what good would it do you given that each host pair has its own unique
key anyway?

I haven't thought as much about multicast, but it seems to me there's
not much you can do to protect against a rogue member who already has
the session key. Other than rekeying to exclude him, of course.

Phil

---

Follow-Ups:

• Re: End to End integrity (was 4 byte vs 8 byte IVs for DES)
• From: "Perry E. Metzger" <perry@imsi.com>

References:

• End to End integrity (was 4 byte vs 8 byte IVs for DES)
• From: "Perry E. Metzger" <perry@imsi.com>

---

• Prev by Date: Re: Size of IV field in DES-CBC mode
• Next by Date: Re: End to End integrity (was 4 byte vs 8 byte IVs for DES)
• Prev by thread: End to End integrity (was 4 byte vs 8 byte IVs for DES)
• Next by thread: Re: End to End integrity (was 4 byte vs 8 byte IVs for DES)
• Index(es):
  • Main
  • Thread