[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: How many algorithms per SA/Transform?
At 02:06 PM 3/3/97 -0800, Dan McDonald wrote:
>Hi folks!
>
>I've a question about algorithms per transform/SA. The question is:
>
> Will there realistically be more than one algorithm of a given
> type (i.e. 2 or more ENCRYPTION algorithms or 2 or more
> AUTHENTICATION algorithms) in a single security association?
>
>I don't mean more than one algorithm, period. The Hughes DES/HMAC-MD5
>transform proves that we need at least one encryption AND one authentication
>algorithm in a single security association. What I'm talking about is if
>there will ever be:
>
> DES,Blowfish,Rot13/HMAC-MD5,HMAC-SHA,cksum
>
>in a SINGLE SECURITY ASSOCIATION or a SINGLE TRANSFORM?
>
>It's a question that I personally think the answer to is, "no". I can't
>think of any good case (save perhaps protecting headers with one algorithm,
>and the data with another...) where you'd need more than one algorithm of
>each type in a single association.
>
>Any comments, opinions, etc. are welcome.
>
I would also say NO.
--Naganand
----------------------------------------------------------------
naganand@ftp.com
Tel #: (508)684-6743 (O)
Follow-Ups: