[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: IPSec for IP Telephony

Note that most digital radio telephone systems (DECT, GSM, TETRA) use
streaming ciphers for link encryption, the analysis of each showing that
block ciphers by having potential to induce delay are unacceptable to
maintain QoS. If we extend the TDMA models of such systems to general packet
mode speech then I believe the same conclusions will be reached - stream
cipher is preferred. The derivation of a Time Variant Parameter is however
for further study in IP telephony.



-----Original Message-----
From: Stephen Kent [mailto:kent@bbn.com]
Sent: Tuesday, March 30, 1999 1:10 AM
To: Costantini, Frank 
Cc: ipsec@lists.tislabs.com
Subject: RE: IPSec for IP Telephony


We have had a number of other, optional, algorithms defined for IPsec. A
stream cipher would be fine, so long as it carries an IV to deal with
dropped or re-ordered packets.  Also, note that ESP usually employs
authentication, in the form of HMAC, which would introduce latency as well.
if one omits authentication, and uses a stream cipher of the sort you
describe, than an attacker could modify packets with complete control,
which might be a concern.