RE: IPSEC WORKING GROUP LAST CALL

[Stephen Kent <kent@bbn.com>]

Baiju,

>I have a concern with AH+ESP in transport mode.
>Based on the requirements of ESP, ESP must negotiate
>an integrity check mechanism. The MD5-HMAC or SHA-1 HMAC
>MUST be supported for ESP. Similarly, the same integrity
>algorithms are used by AH.
>
>Therefore, it looks like I have to compute authentication data
>twice using possibly same algorithm over mostly same data.
>Something tells me that in this combination, I should be able
>to negotiate NULL authentication algorithm for ESP.

If you choose to employ BOTH AH and ESP, AND if you elect to use
authentication with ESP (which is an option, not a requirement), then you
will need to perform two HMAC computations, since the two ICVs cover
different portions of the packet.  However, a primary reason for not
requiring authentication with ESP in all cases is precisely this example.
Yes, you should be able to negotiate a null authentication algorithm for
use with ESP.

>I do understand that DES-CBC values can be used for authentication
>data in ESP but then what happens when we are not using DES.

Use of DEC-CBC is for encryption, and any authentication benefits are
secondary, as far as ESP is concerned.  However, if you employ a suitable
block cipher base, other algorithms used in CBC mode offer analogous
functionality re authentication.

Steve

---

References:

• RE: IPSEC WORKING GROUP LAST CALL
• From: "Patel, Baiju V" <baiju.v.patel@intel.com>

---

• Prev by Date: Re: IPSEC WORKING GROUP LAST CALL
• Next by Date: RE: IPSEC WORKING GROUP LAST CALL
• Prev by thread: Re: IPSEC WORKING GROUP LAST CALL
• Next by thread: RE: IPSEC WORKING GROUP LAST CALL
• Index(es):
  • Main
  • Thread