Padding
While I'm thinking about it, at least 4 WG members asked that the
default padding be changed to be well-known, and 2 asked that it be the
same Self-Describing-Padding that PPP is using. Yet, Kent's ESP text
does not reflect the requests.

I find Kent's text dense and difficult to understand, without such minor
editorial devices as a single topic per paragraph and transitional
sentences. Also, he misused the Latin abbreviations "e.g." and "i.e.".
Why use them at all, when the spelled out versions are just as many
typed characters? This isn't calligraphy. Better yet, use the English.

Here is a replacement:

2.4. Padding

If a cipher algorithm requires the plaintext to be a multiple of some
number of bytes (such as the block size of a block cipher), the
Padding field is used to fill the plaintext to the size required by
the algorithm. All implementations MUST support generation and
consumption of such padding.

In addition, padding MAY be used to conceal the actual length of the
plaintext. However, inclusion of such additional padding has adverse
bandwidth implications, and thus its use should be undertaken with
care.

Finally, when the Authenticator field is present, padding also may be
required to ensure that the resulting ciphertext terminates on a
32-bit (4 byte) boundary.

Prior to encryption, this field is filled with a series of integer
values, to align the Pad Length and Payload Type fields at the end of
the required boundary (measured from the beginning of the Transform
Data). By default, each byte contains the index of that byte. For
example, three pad bytes would contain the values 1, 2, 3.

After decryption, this field MAY be examined for a valid series of
integer values. Verification of the sequence of values is at the
discretion of the receiver.

This field is optional and opaque. That is, the value (when present)
is set prior to encryption, and is examined only after decryption.

2.5. Pad Length

The Pad Length (1 byte) indicates the amount of Padding immediately
preceding it. It does not include the Pad Length and Payload Type
fields.

The range of valid values is 0 through 255. A value of zero indicates
that no Padding is present.

This field is mandatory and opaque. That is, the value is set prior
to encryption, and is examined only after decryption.

WSimpson@UMich.edu
Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
BSimpson@MorningStar.com
Key fingerprint = 2E 07 23 03 C5 62 70 D3 59 B1 4F 5E 1D C2 C1 A2
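
The default padding and Pad Length rules from the proposed text above, worked through as an added example (not part of the original message, and not taken from any ESP implementation). It assumes a one-byte Payload Type and that the plaintext starts at the beginning of the Transform Data; the function names are hypothetical.

```python
PAD_LEN_MAX = 255  # Pad Length is one byte, so valid values are 0 through 255


def pad_payload(plaintext: bytes, payload_type: int, boundary: int,
                extra: int = 0) -> bytes:
    """Append Padding, Pad Length and Payload Type to plaintext.

    boundary: cipher block size, or 4 for the Authenticator case.
    extra: additional multiples of boundary, used to conceal the length.
    Assumption: Payload Type is one byte.
    """
    if boundary < 1 or not 0 <= payload_type <= 255:
        raise ValueError("bad boundary or payload type")
    # Pad Length and Payload Type must end exactly on the boundary.
    pad_len = -(len(plaintext) + 2) % boundary + extra * boundary
    if pad_len > PAD_LEN_MAX:
        raise ValueError("padding does not fit in a one-byte Pad Length")
    padding = bytes(range(1, pad_len + 1))  # default: each byte holds its index
    return plaintext + padding + bytes([pad_len, payload_type])


def unpad_payload(data: bytes, verify: bool = True):
    """Return (plaintext, payload_type) from decrypted data.

    verify=False skips the sequence check, which the text leaves to the
    receiver's discretion; the Pad Length bounds check is always done.
    """
    if len(data) < 2:
        raise ValueError("too short for Pad Length and Payload Type")
    pad_len, payload_type = data[-2], data[-1]
    if pad_len > len(data) - 2:
        raise ValueError("Pad Length exceeds the decrypted data")
    body_end = len(data) - 2 - pad_len
    if verify and data[body_end:-2] != bytes(range(1, pad_len + 1)):
        raise ValueError("padding is not the sequence 1, 2, 3, ...")
    return data[:body_end], payload_type


if __name__ == "__main__":
    # Constructed sample: 11-byte payload, 8-byte block cipher, type 6.
    padded = pad_payload(b"hello world", 6, 8)
    print(padded.hex(), unpad_payload(padded))
```

With the constructed 11-byte payload and an 8-byte boundary, three pad bytes are needed, which reproduces the "1, 2, 3" case in the proposed text.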