[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Authentication Padding

To: ipsec@tis.com
Subject: Authentication Padding
From: "C. Harald Koch" <chk@utcc.utoronto.ca>
Date: Thu, 22 Jan 1998 13:25:45 -0500
Sender: owner-ipsec@ex.tis.com

Never mind, I just went and re-read the AH draft:

3.3.3.2.2  Implicit Packet Padding
 
   For some authentication algorithms, the byte string over which the
   ICV computation is performed must be a multiple of a blocksize
   specified by the algorithm.  If the IP packet length (including AH)
   does not match the blocksize requirements for the algorithm, implicit
   padding MUST be appended to the end of the packet, prior to ICV
   computation.  The padding octets MUST have a value of zero.  The
   blocksize (and hence the length of the padding) is specified by the
   algorithm specification.  This padding is not transmitted with the
   packet.

The key phrase is "FOR SOME AUTHENTICATION ALGORITHMS". Neither MD5 nor
SHA-1 fall into this category. The DES MAC (defined in
draft-bitan-auth-des-mac-00.txt) would fall into this category.

Case closed, IMNSHO. I suppose, technically, the MD5 and SHA-1 drafts should
be modified to explicitly declare the input blocksize requirements as
"1-byte".

-- 
C. Harald Koch     <chk@utcc.utoronto.ca>

"Madness takes its toll. Please have exact change."
		-Karen Murphy <karenm@descartes.com>

Follow-Ups:

Re: Authentication Padding

From: Stephen Kent <kent@bbn.com>

Prev by Date: Re: Padding complexities
Next by Date: Re: some issues about IPSec
Prev by thread: Re: Security Association Lifetimes in kbytes
Next by thread: Re: Authentication Padding
Index(es):
- Main
- Thread