
Explicit IV vs. Implicit IV




All,

   I believe that an explicit IV is the better approach for use with ESP.  
I've read and considered the arguments and think explicit IV is generally 
preferable.

One argument I find sufficient:
	I know of several confidentiality algorithms that _require_ 
	that explicit IVs be used.  I don't recall any confidentiality
	algorithm that _requires_ an "implicit" IV.  The ability
	to support any algorithm with standard, default format, ESP 
	is a sufficient argument, IMHO.  Algorithm-independence of
	AH and ESP formats was always a clear design goal for IPsec,
	which also speaks to this argument.

Note that the other arguments in aggregate independently persuade me 
to prefer that the default format for ESP use an explicit IV.

IMHO,

Ran
rja@inet.org