[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IPSec for IP Telephony

To: IP Security WG List <ipsec@lists.tislabs.com>
Subject: Re: IPSec for IP Telephony
From: Lewis McCarthy <lmccarth@cs.umass.edu>
Date: Tue, 30 Mar 1999 17:49:11 -0500
Organization: Theoretical Computer Science Group, University of Massachusetts at Amherst
Sender: owner-ipsec@lists.tislabs.com

<sigh>

>>>    ----- The following addresses had permanent fatal errors -----
>>> <ipsec@tis.com>

This is in reply to <199903291624.LAA16776@lists.tislabs.com>.

Frank Costantini writes:
> Is the intent of the IPSEC community that secure IP Telephony
> applications utilize 3DES in CBC mode for encryption?  Considering the
> extreme sensitivity that IP Telephony has for latency, CBC mode is not
> a good choice for a cryptographic mode for that application.

DES-CBC is the default encryption algorithm for the stopgap
confidentiality service built into RTP [RFC 1889].  (The forthcoming
revision of RTP, draft-ietf-avt-rtp-new-03, suggests use of IPsec
services instead.)  RFC 1889 says of DES-CBC:

          "This method is chosen because it has been demonstrated to be
   easy and practical to use in experimental audio and video tools in
   operation on the Internet."

I don't know any details of the operational experience cited by the RFC,
however.

-Lewis
-- 
"Hackers can't and have not accessed our satellites.  It is impossible
for a hacker to get into the system."  -- UK MoD spokesman, 1 Mar 1999

Prev by Date: Re: Quick Mode and resistance to related-key cryptanalysis
Next by Date: Re: IPsec/IKE products [Re: info request]
Prev by thread: RE: IPSec for IP Telephony
Next by thread: RSA claiming trademark on all uses of "RSA" to describe algorithm
Index(es):
- Main
- Thread