[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Padding

To: ipsec@tis.com
Subject: Padding
From: "William Allen Simpson" <wsimpson@greendragon.com>
Date: Thu, 10 Jul 97 13:40:52 GMT
Sender: owner-ipsec@ex.tis.com

While I'm thinking about it, at least 4 WG members asked that the
default padding be changed to be well-known, and 2 asked that it be the
same Self-Describing-Padding that PPP is using.  Yet, Kent's ESP text
does not reflect the requests.

I find Kent's text dense and difficult to understand, without such minor
editorial devices as a single topic per paragraph and transitional
sentences.  Also, he misused the latin abbreviations "e.g." and "i.e.".
Why use them at all, when the spelled out versions are just as many
typed characters?  This isn't calligraphy.  Better yet, use the English.

Here is a replacement:

2.4.  Padding

   If a cipher algorithm requires the plaintext to be a multiple of some
   number of bytes (such as the block size of a block cipher), the
   Padding field is used to fill the plaintext to the size required by
   the algorithm.  All implementations MUST support generation and
   consumption of such padding.

   In addition, padding MAY be used to conceal the actual length of the
   plaintext.  However, inclusion of such additional padding has adverse
   bandwidth implications, and thus its use should be undertaken with
   care.

   Finally, when the Authenticator field is present, padding also may be
   required to ensure that the resulting ciphertext terminates on a
   32-bit (4 byte) boundary.

   Prior to encryption, this field is filled with a series of integer
   values, to align the Pad Length and Payload Type fields at the end of
   the required boundary (measured from the beginning of the Transform
   Data).  By default, each byte contains the index of that byte.  For
   example, three pad bytes would contain the values 1, 2, 3.

   After decryption, this field MAY be examined for a valid series of
   integer values.  Verification of the sequence of values is at the
   discretion of the receiver.

   This field is optional and opaque.  That is, the value (when present)
   is set prior to encryption, and is examined only after decryption.


2.5.  Pad Length

   The Pad Length (1 byte) indicates the amount of Padding immediately
   preceding it.  It does not include the Pad Length and Payload Type
   fields.

   The range of valid values is 0 through 255.  A value of zero indi-
   cates that no Padding is present.

   This field is mandatory and opaque.  That is, the value is set prior
   to encryption, and is examined only after decryption.

WSimpson@UMich.edu
    Key fingerprint =  17 40 5E 67 15 6F 31 26  DD 0D B9 9B 6A 15 2C 32
BSimpson@MorningStar.com
    Key fingerprint =  2E 07 23 03 C5 62 70 D3  59 B1 4F 5E 1D C2 C1 A2

Follow-Ups:

Re: Padding

From: Stephen Kent <kent@bbn.com>

Prev by Date: Re: SPI orthogonality
Next by Date: I-D ACTION:draft-simpson-photuris-13.txt
Prev by thread: Re: SPI orthogonality
Next by thread: Re: Padding
Index(es):
- Main
- Thread