[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Straw Poll and Alignment

To: adams@cisco.com (Rob Adams)
Subject: Re: Straw Poll and Alignment
From: "C. Harald Koch" <chk@utcc.utoronto.ca>
Date: Thu, 13 Feb 1997 16:39:06 -0500
cc: ipsec@tis.com (ipsec@tis.com), rja@inet.org (rja@inet.org)
In-reply-to: adams's message of "Thu, 13 Feb 1997 16:25:46 -0500". <01BC19B1.72DCA5A0@Tastid.Cisco.COM>
References: <01BC19B1.72DCA5A0@Tastid.Cisco.COM>
Sender: owner-ipsec@ex.tis.com

In message <01BC19B1.72DCA5A0@Tastid.Cisco.COM>, Rob Adams writes:
>
> I don't understand our insistance on linking the size of the 
> fields with alignment of the header.

Ok, maybe I'm over-reacting. I just think it's foolish to throw away
information (the extra 32-bits of MAC) only to replace it with padding.
OTOH, I admit that doing so does make MD5 and SHA-1 processing identical,
which again simplifies code, which is the object of this whole process...

(I'll calm down now...)

> 
> Mr. Bellovin's post this morning about a 64 vs. 32 bit replay counter should be convincing enough
> about an rekeying issues.

Agreed.

>  Hugo et al. believe that it is more secure to truncate SHA.   

I think that's a bit strong. I read their messages as "it doesn't detract
from the security, and it *may* increase the security".

-- 
Harald Koch
chk@utcc.utoronto.ca

Follow-Ups:

Re: Straw Poll and Alignment

From: "Theodore Y. Ts'o" <tytso@MIT.EDU>

References:

RE: Straw Poll and Alignment

From: adams@cisco.com (Rob Adams)

Prev by Date: RE: Straw Poll and Alignment
Next by Date: Re: Straw Poll and Alignment
Prev by thread: RE: Straw Poll and Alignment
Next by thread: Re: Straw Poll and Alignment
Index(es):
- Main
- Thread