[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

FW: Calling the question: implicit vs. explicit IV

To: "'IPSEC Mailing List'" <ipsec@tis.com>
Subject: FW: Calling the question: implicit vs. explicit IV
From: Roy Pereira <rpereira@TimeStep.com>
Date: Fri, 1 Aug 1997 14:56:20 -0400
Sender: owner-ipsec@ex.tis.com


>I vote for Explicit IV.
>
>The reasons?
>
>o  I want one method for retrieving the IV from a packet no matter what
>algorithm I'm using.  Without a general method for CBC-mode block ciphers,
>code complexity will bring in bugs.
>
>o  The compatibility that derived IVs is suppose to give us, is BS.  The
>32-bit IV was a hack that should have been forgotten a long time ago.
>Becides the current derived IV does not give us full compatibility.
>
>o Speed:  We need speed down at the network interceptor level.  Deriving an
>IV takes a lot more time than just picking it up directly from the packet.
>
>o Space: An extra 8 bytes is nothing compared to the extra bytes that
>ESP+auth adds in.
>
>o Flexibility: When (If) I do a RC5 implementation with 128 bit blocks, I
>will need a 128 bit IV.  I don't want to derive 16 bytes of IV.
>
o Current Implementations: All of the current implementations that we
>tested with at all of the ANX bakeoffs used EXPLICIT IVs.

Prev by Date: Re: Calling the question: derived vs. explicit IV
Next by Date: Proposed IPsec interop workshop
Prev by thread: Re: calling the question: derived vs. explicit
Next by thread: Proposed IPsec interop workshop
Index(es):
- Main
- Thread