[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Stream Cipher Transform -- revisited

To: ipsec@TIS.COM, skip-info@tik.ee.ethz.ch, markson@incog.com, dpalma@netcom.com, Project SKIP <skip@tik.ee.ethz.ch>
Subject: Stream Cipher Transform -- revisited
From: Germano Caronni <caronni@tik.ee.ethz.ch>
Date: Wed, 3 Jul 1996 14:42:10 +0200 (MET DST)
Cc: Burkhard Stiller <stiller@tik.ee.ethz.ch>, Bernhard Plattner <plattner@tik.ee.ethz.ch>
Sender: ipsec-approval@neptune.tis.com

-----BEGIN PGP SIGNED MESSAGE-----

Hello everybody,

during the last few weeks Marcel and I received some favorable and
encouraging comments (among others ;-) ) concerning the stream-cipher
draft, and its usability for real-world implementations. This motivated
us to continue our work on it, and I would thus like to invite your
technical feedback, comments, suggestions that will lead to a new
revision of the draft.

draft-esp-stream-00.txt is the base of discussion, as it can e.g. be found
under http:///www.tik.ee.ethz.ch/~skip/esp-stream.txt

Current list of changes:

Make it possible to use 4-byte OR 8-byte counters for the stream offset.
This might save 4 bytes of headers in protocols where quick change of packet
keys is the norm.

The point has been raised that the 'stream offset' of 64 bits maximal might
be insufficent for certain algorithms. Comments on this?

A section will be added that contains concrete parameters for RC4 and SEAL 
such that alogorithms can be assigned 'transform identifiers' and used  
in key management protocols. This should alleviate the problem of the draft 
being too generic. The drawback is that the draft would then actually specify 
the parameters for a group of ciphers and not only one of them...

No authentication will be incorporated, as the goal of esp-stream is to
provide as fast as possible privacy to e.g. encrypt realtime video.

Should we add CFB mode (or perhaps even OFB) of DES or another wellknown
algorithm such as BLOWFISH, RC5 or Safer-SK as a 'stream cipher' ?
If yes, the structure of the individual IVs needs to be discussed. This
might be a bad idea. And then it might not...

It has been suggested that replay protection is more important than the
'optional' label would indicate. How do people feel about making it
mandatory, or shold we just strengthen the wording in the advisory text?


Please send feedback to me or skip@tik.ee.ethz.ch, and we will produce a new
revision of the draft in the next few weeks.

Friendly greetings,

	Germano Caronni

p.s. I would like to thank the following persons (in no particular order)
for their feedback and comments to esp-stream. I apologize to those people 
I missed in this list, some comments lost their name tags during the time...

Roy Shamir, David Wagner, Ran Atkinson, Ashar Aziz, Tom Markson, 
Rich Skrenta, Derek Palma



- -- 
<...cookie space for rent...>

Germano Caronni    caronni@tik.ee.ethz.ch    http://www.tik.ee.ethz.ch/~caronni
PGP-Key-ID:7B7AE5E1    gec@acm.org             997C6DC4AF930A5D2D5D6AEAA196C33B

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv

iQCVAwUBMdpqn7H8jId7euXhAQGh1gP/cVO/XUV08z4Q5bgiek8HnF6cwTn2urfz
cE5eQ0O17fzpOwl2iOnNd0L3z44nW8jdAgpos0ihgPS/cnmDOssK/DI6yZ0FkHUz
LVpvW/fuup5N62QgeFw40pil5s6ivvMcYmKMaYKJqV7bGh4u24yc+sgb1CydZJU+
jY4ag4N3LeQ=
=Gvyk
-----END PGP SIGNATURE-----

Follow-Ups:

Re: Stream Cipher Transform -- revisited

From: "Terry L. Davis, Boeing Information & Support Services, Bellevue, WA" <tld5032@commanche.ca.boeing.com>

Prev by Date: Re: deriving keying material from the shared secret
Next by Date: Re: Authentication using ESP in Transport Mode
Prev by thread: mailing list archive location?
Next by thread: Re: Stream Cipher Transform -- revisited
Index(es):
- Main
- Thread