[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: replay field size straw poll
Steve,
> As editor for the AH and ESP specs, based on the traffic I've seen
>this last 2 weeks, I'm planing to go with 32-bit counters for both and to
>assume that the HMAC value will be 128 bits, to help resolve the alignment
>problem. If there are strong objections to this tact, I'd like to hear by
>2/14.
Unless there is a significant change to the AH header, a 32 bit non-optional
counter and a 128 bit HMAC value will not resolve the alignment problem.
01234567012345670123456701234567
+------+-------+-------+-------+
| NH | Len | Reserved | 32 bits
+------+-------+-------+-------+
| SPI | 32 bits
+------+-------+-------+-------+
| Replay Prev. Counter | 32 bits
+------+-------+-------+-------+
| |
| HMAC |
| Value | 128 bits
| |
+------+-------+-------+-------+
total: 224 bits --- not multiple of 64
Possible solutions would be 1) 64 bit counter, 2) a 64 bit alignment pad
trailer, or 3) a 160 bit HMAC Value.
Rob G.