[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Proposed changes to ESP (andf a little AH too)

To: Bob Monsour <rmonsour@earthlink.net>
Subject: Re: Proposed changes to ESP (andf a little AH too)
From: Bill Sommerfeld <sommerfeld@apollo.hp.com>
Date: Fri, 21 Mar 1997 16:08:22 -0500
Cc: Stephen Kent <kent@bbn.com>, ipsec@tis.com
In-Reply-To: rmonsour's message of Fri, 21 Mar 1997 12:21:59 -0800. <3.0.32.19970321122157.00919680@earthlink.net>
Sender: owner-ipsec@ex.tis.com

> I understand the rationale, but want to make sure I understand exactly what
> you are proposing. Are you saying that in ESP, the sender would encrypt the
> payload and then calculate the MAC over the encrypted payload?

Normally I tend to like things which improve performance, but I don't
really like this proposal, for robustness reasons; it allows errors in
encryption or decryption to go undetected, while doing the MAC over
the plaintext provides better assurance that the data was decrypted
correctly.

Consider the case where the encryption key gets smashed but the
authentication key is intact ..  you get authentic gibberish out of
the transform instead of a hard indication that something's out of
synch between the endpoints.

					- Bill

Follow-Ups:

Re: Proposed changes to ESP (andf a little AH too)

From: Lewis McCarthy <lmccarth@cs.umass.edu>

References:

Re: Proposed changes to ESP (andf a little AH too)

From: Bob Monsour <rmonsour@earthlink.net>

Prev by Date: Re: Proposed changes to ESP (andf a little AH too)
Next by Date: Re: Proposed changes to ESP (andf a little AH too)
Prev by thread: Re: Proposed changes to ESP (andf a little AH too)
Next by thread: Re: Proposed changes to ESP (andf a little AH too)
Index(es):
- Main
- Thread