[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Last Call: Combined DES-CBC, HMAC and Replay Prevention Security Transform to Proposed Standard

To: "Michael Sabin" <mike.sabin@worldnet.att.net>
Subject: Re: Last Call: Combined DES-CBC, HMAC and Replay Prevention Security Transform to Proposed Standard
From: "James Hughes" <hughes@nsco.network.com>
Date: 27 Dec 96 10:45:25 -0600
Cc: iesg@ietf.org, ipsec@tis.com
Sender: owner-ipsec@ex.tis.com

> I went through the exercise of coding up an example datagram as per the
> draft.  My goal was to chase down details about byte/bit orderings in and
> out of the DES, MD5, HMAC, and replay-count operations.  I felt that
> most of the details were resolvable using the description in the draft
> and the cited references.  However, in a few cases I felt I was
> guessing.
> 
> One suggestion I have is that the draft include an example datagram,
> before and after encryption.  This will unambiguously nail down all
> details about bit/byte ordering.  Note that the individual specs for DES
> [FIPS-41], MD5 [RFC-1321], and HMAC [Krawczyk] include such examples.

This is a fantastic idea. Previous versions had just such an example. I
will add this verbatum as an appendix.

> Below is the example I came up with.  (If anybody is inclined to verify
> the example, I'd sure appreciate it.  :-) )  Items marked with (*) are
> places where I felt I was guessing about byte/bit orderings; some
> clarification about these may be desirable.

Yes, independent verification would me nice. I have not done so.

> mike

Prev by Date: Re: ISAKMP DOI Question (General, Not IP Specific) more ...
Next by Date: FW: ISAKMP Version
Prev by thread: Re: Last Call: Combined DES-CBC, HMAC and Replay Prevention Security Transform to Proposed Standard
Next by thread: Re: Last Call: Combined DES-CBC, HMAC and Replay Prevention Security Transform to Proposed Standard
Index(es):
- Main
- Thread