[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Draft des-md5 v3

To: ipsec@tis.com, "Angelos D. Keromytis" <angelos@aurora.cis.upenn.edu>
Subject: Re: Draft des-md5 v3
From: "James Hughes" <hughes@nsco.network.com>
Date: 14 Jan 97 13:46:36 -0500
Sender: owner-ipsec@ex.tis.com

> While implementing the DES-MD5 transform as of draft v3, i noticed
> that the algorithm that checks the replay counter window that's given
> would not work correctly with the draft's specification; the algorithm
> assumes that the initial value of the replay counter is 1 (or 0), but
> the draft has the counter initialized to some arbitrary value (an MD5
> result).

The counter must be "aliased" to 0 by subtracting the received value from
the initial value. Unsigned arithemetic works just fine for this.

jim

Prev by Date: change of address
Next by Date: Release 0.4 of my Linux IPSEC code is out.
Prev by thread: Draft des-md5 v3
Next by thread: Various difficulties in ISAKMP ver-06
Index(es):
- Main
- Thread