[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Photuris questions

To: ipsec@ans.net
Subject: Re: Photuris questions
From: "William Allen Simpson" <bsimpson@morningstar.com>
Date: Mon, 18 Sep 95 13:06:04 GMT

> From: Hilarie Orman <ho@cs.arizona.edu>
> The error message I'd like to recommend is for the case where one side says
> to the other "I really wanted you to establish an ESP SA for sending
> stuff to me; you chose not to, I'm displeased."
>
You seem confused.  Since _I_ establish the ESP SA for sending stuff to
_me_, this would be a pointless error message.  Remember, SPIs are
Destination oriented.

I did add a message for when I want to _send_ ESP, and _you_ didn't
establish an ESP SA.  That's the correct direction.  That's how I had
interpreted your suggestion, which is a very good idea.


> If both AH and ESP are indicated by one SPI, then how are the keys for
> the two modes assigned?  Are there two separate keys?
>
The same key bitstuff is reused.  There are two separate session-keys
only when two separate SPIs.  SPI => session-key, remember?

Note that specifically using MD5 and DES, there will be two slightly
different keys anyway, since MD5 uses the entire generated key, while
DES uses only the first 64-bits and inserts parity.  But they are
obviously algorithmically derived.

I added more explicit keying instructions long ago.  The new draft
should be coming to a directory near you Real Soon Now, after Phil and I
go over the new text today.  But, since you have been so helpful in the
past, I'll quickly send you a private copy for review.  Particularly as
I have some questions on the text and references that you sent previously.


> If the number of bits required for supporting all the underlying algorithms
> exceeds the number that Photuris can safely deliver, is there an error
> message to that effect?  If all the algorithms must have independent keys,
> this situation can occur under realistic scenarios.
>
Huh?  Safely deliver?  Sounds like you are getting theoretical on me
again.  I certainly don't have an algorithm for "safeness" of bits!

The implementation just has to be smart enough that when MD5 delivers
128-bits, it can't pick an algorithm that requires a key of more than
128-bits.  DES will always be implemented, so no problem there (56-bits).

Bill.Simpson@um.cc.umich.edu
          Key fingerprint =  2E 07 23 03 C5 62 70 D3  59 B1 4F 5E 1D C2 C1 A2

Follow-Ups:

Re: Photuris questions

From: Mike Roe <Michael.Roe@cl.cam.ac.uk>

Prev by Date: Re: Photuris questions
Next by Date: Re: Photuris questions
Prev by thread: Re: Photuris questions
Next by thread: Re: Photuris questions
Index(es):
- Main
- Thread