[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Authentication Padding
Never mind, I just went and re-read the AH draft:
3.3.3.2.2 Implicit Packet Padding
For some authentication algorithms, the byte string over which the
ICV computation is performed must be a multiple of a blocksize
specified by the algorithm. If the IP packet length (including AH)
does not match the blocksize requirements for the algorithm, implicit
padding MUST be appended to the end of the packet, prior to ICV
computation. The padding octets MUST have a value of zero. The
blocksize (and hence the length of the padding) is specified by the
algorithm specification. This padding is not transmitted with the
packet.
The key phrase is "FOR SOME AUTHENTICATION ALGORITHMS". Neither MD5 nor
SHA-1 fall into this category. The DES MAC (defined in
draft-bitan-auth-des-mac-00.txt) would fall into this category.
Case closed, IMNSHO. I suppose, technically, the MD5 and SHA-1 drafts should
be modified to explicitly declare the input blocksize requirements as
"1-byte".
--
C. Harald Koch <chk@utcc.utoronto.ca>
"Madness takes its toll. Please have exact change."
-Karen Murphy <karenm@descartes.com>
Follow-Ups: