[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IPSec for IP Telephony

To: Frank.Costantini@ccmail.l-3com.com
Subject: Re: IPSec for IP Telephony
From: Paul Koning <pkoning@xedia.com>
Date: Mon, 29 Mar 1999 12:56:09 -0500
Cc: ipsec@lists.tislabs.com
References: <199903291624.LAA16776@lists.tislabs.com>
Sender: owner-ipsec@lists.tislabs.com

>>>>> "Costantini," == Costantini, Frank <" <Frank.Costantini@ccmail.l-3com.com>> writes:

 Costantini,> Is the intent of the IPSEC community that secure IP
 Costantini,> Telephony applications utilize 3DES in CBC mode for
 Costantini,> encryption?  Considering the extreme sensitivity that IP
 Costantini,> Telephony has for latency, CBC mode is not a good choice
 Costantini,> for a cryptographic mode for that application.  Has a
 Costantini,> stream-cipher mode of operation for delay-sensitive
 Costantini,> IPSEC applications been defined somewhere?
     
I don't understand the point.  Encrypting a packet will add some
latency, but I don't see any reason to prefer a stream cypher over a
block cypher when doing packet oriented processing.  Sure, 3DES may be 
slow in some implementations, but that's an implementation matter, not 
a fundamental property.

If you were transmitting byte stream data, things might (or might not) 
be different, but we're talking IP packets...

We've been doing some latency measurements and the numbers come out
well below what would be an issue for VoIP (or for that matter, way
below the wire delay for T1 never mind slower stuff).

	paul

References:

IPSec for IP Telephony

From: "Costantini, Frank " <Frank.Costantini@ccmail.l-3com.com>

Prev by Date: Re: 3DES with 40-bit key?
Next by Date: Re: 3DES with 40-bit key?
Prev by thread: IPSec for IP Telephony
Next by thread: RE: IPSec for IP Telephony
Index(es):
- Main
- Thread