[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: IPSec for IP Telephony


We have had a number of other, optional, algorithms defined for IPsec. A
stream cipher would be fine, so long as it carries an IV to deal with
dropped or re-ordered packets.  Also, note that ESP usually employs
authentication, in the form of HMAC, which would introduce latency as well.
if one omits authentication, and uses a stream cipher of the sort you
describe, than an attacker could modify packets with complete control,
which might be a concern.