
Re: Bandwidth reservation and AH, and non-MD5 based AH.



>   If one is talking about bandwidth reservation then one wants the packets
> examined at several places. One could share (via Photuris or other) the secret
> keying information with all these gateways. I dislike this.

Hrmm, why?

If AH with a symmetrically-keyed MAC is used just for protecting reserved
bandwidth (not for secure end-to-end source authentication or message
integrity), then it doesn't seem like such a big deal to have to trust a
few routers to hold your bandwidth session-key.

(After all, you have to trust them to actually give you the bandwidth which
they've promised to reserve for you.)

I'd expect that you'll exchange short-lived session MAC keys based on some
public-key algorithm anyhow, so that oughta decrease the risk even further.

But then again, I know nothing about bandwidth reservation.

> Or, one could use a public key based digital signature. I worry that checking
> this signature may take so long that the bandwidth reservation becomes moot
> due to latency...

Yeah, that's a problem with public-key stuff: it's so slow.  Do note that
signature verification is much faster than signature generation when you use
RSA with a small public exponent, though it is admittedly still quite slow.
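
The asymmetry between RSA verification and signing mentioned in the last paragraph above, as an added example that is not part of the original message: it counts the modular multiplications square-and-multiply needs for each operation. The key (two Mersenne primes), the exponent 65537, the unpadded SHA-256 "textbook" signature and all function names are constructed for illustration and are not a usable key or scheme.

```python
import hashlib

# Constructed demo key: two Mersenne primes, chosen only so the example is
# deterministic and needs no prime search. Not a usable key.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q
E = 65537                              # small public exponent, 2**16 + 1
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, about as long as N


def modexp_counted(base, exp, mod):
    """Left-to-right square-and-multiply; returns (result, modular mults)."""
    result, ops = base % mod, 0
    for bit in bin(exp)[3:]:           # exponent bits after the leading 1
        result = result * result % mod
        ops += 1
        if bit == "1":
            result = result * base % mod
            ops += 1
    return result, ops


def digest_int(message):
    """Hash the message to an integer below N (textbook RSA, no padding)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message):
    return modexp_counted(digest_int(message), D, N)


def verify(message, signature):
    recovered, ops = modexp_counted(signature, E, N)
    return recovered == digest_int(message), ops


def compare(message=b"constructed reservation packet"):
    signature, sign_ops = sign(message)
    ok, verify_ops = verify(message, signature)
    tampered_ok, _ = verify(message + b"!", signature)
    return {"valid": ok, "tampered_valid": tampered_ok,
            "sign_ops": sign_ops, "verify_ops": verify_ops}


if __name__ == "__main__":
    r = compare()
    print(r, "ratio ~%d" % (r["sign_ops"] // r["verify_ops"]))
```

Verification costs 17 modular multiplications regardless of modulus size, while signing scales with the length of the private exponent; each of those multiplications is still on a modulus-sized integer, which is why a router checking one signature per packet remains far slower than checking a symmetric MAC.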

