[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

ESP with stream ciphers

To: ipsec@tis.com
Subject: ESP with stream ciphers
From: Norman Shulman <norm@border.com>
Date: Mon, 14 Apr 1997 16:16:20 -0400
Sender: owner-ipsec@ex.tis.com

I am wondering how to handle stream ciphers like RC4 in ESP. In particular,
where does the stream offset go? I can think of three possibilities:

1. Abuse the IV field. The draft remains unchanged.

2. Consider the stream offset field part of the payload data, as suggested by
Steve Bellovin. The draft remains unchanged.

3. Rename the IV field. (Algorithm Specific Data?) A simple textual
substitution in the draft and in the drafts for the individual encryption
algorithms.

4. Consider the IV and stream offset fields part of the payload data, as
suggested by Steve Bellovin.  This is a more substantive change, and also
affects the drafts for the individual encryption algorithms. But it would
simplify ESP by eliminating an optional variable-length field. It would also
generalize ESP to accommodate any encryption algorithm with or without any
algorithm-specific data at all.

What do you think?

Norm
                   Norman Shulman      Secure Computing Canada
     	        Systems Developer      Tel 1 416 813 2075
                  norm@border.com      Fax 1 416 813 2001

Follow-Ups:

Re: ESP with stream ciphers

From: Stephen Kent <kent@bbn.com>

Prev by Date: Re: Effective policy enforcement
Next by Date: Re: Slicing and Dicing in new-esp
Prev by thread: IPComp presentation URL
Next by thread: Re: ESP with stream ciphers
Index(es):
- Main
- Thread