[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

beginner's questions

To: <ipsec@tis.com>
Subject: beginner's questions
From: Kun-Yu Li <lky@telstar.netrd.iii.org.tw>
Date: Mon, 28 Jul 1997 17:14:35 +0800
Sender: owner-ipsec@ex.tis.com

I just started reading documents about ipsec these days.
Some questions occurred to me today.
Pardon me if these questions are somewhat stupid.

In rfc 1825-1829, it is said
AH is for providing integrity and authentication.
ESP is for providing integrity and confidentiality.
Furthermore,
AH using Keyed MD5 and ESP using DES-CBC transform
are the basic algorithms.

I just wondering, 
(1) Keyed MD5 is for "integrity" only,
      so how does "AH using Keyed MD5"  provide "authentication"??
(2) DES-CBC is for "confidentiality" only,
      so how does "ESP using DES-CBC transform"  provide "integrity"??

If there're any mistakes of my understanding,
Please correct me.
Thank you in advance.

				lky@telstar.netrd.iii.org.tw 7/28

Follow-Ups:

Re: beginner's questions

From: Stephen Kent <kent@bbn.com>

Prev by Date: ISAKMP - New Version (v8)
Next by Date: Sequence Number field for manually configured SAs
Prev by thread: ISAKMP - New Version (v8)
Next by thread: Re: beginner's questions
Index(es):
- Main
- Thread