[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: risks of MACs associated with packets

To: ipsec@ans.net
Subject: Re: risks of MACs associated with packets
From: Derrell Piper <PIPER@BILBO.TGV.COM>
Date: Mon, 30 Jan 1995 11:18:52 -0700 (PDT)

RE: AH 

I also think the authentication info should be outside of the ESP 
so that bogus packets can be detected without having to decrypt the
whole packet...

>I think, as I believe Phil Karn does, that you want authentication
>to be outside of your encyrption so that it is less work to throw
>away bogus packets and so that intermediate points can, if properly
>configured, authenticate the message without reading it.
>
>Donald

Derrell Piper   | piper@tgv.com      | Tech Support: +1 408 457 5201
TGV, Inc.       | 101 Cooper Street  | Santa Cruz, CA 95060 USA

Prev by Date: MD5 versus SHA
Next by Date: Re: AH-MD5
Prev by thread: Re: risks of MACs associated with packets
Next by thread: Re: risks of MACs associated with packets
Index(es):
- Main
- Thread