Re: I-D ACTION:draft-ietf-ipsec-skipjack-cbc-00.txt
In message <199905251943.PAA16111@dcl.MIT.EDU>, "Theodore Y. Ts'o" writes:
>
>draft-ietf-ipsec-skipjack-cbc-00.txt
>
>Scott, Sandra,
>
>Secondly, there's a much more serious technical problem with your draft,
>in that by using an implicit IV and a sequence number, it looks like
>you're assuming that IV is chained across packets. If that is the case,
>it has a significant problem in that you force the IPSEC engine to
>handle reordering, and even worse, it has no way to recover from a
>dropped packet.
Actually, no -- given CBC's properties, a dropped packet implies that the
following packet will not be decryptable; however, the last block of its
ciphertext can still be used as the IV for the next packet. You thus square
the effective packet loss probability. Reordering is still a significant
hassle for the receiver, however.
>
>I suggest you rethink your decision to use an implicit IV.
>
Agreed.
> - Ted
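
The loss behaviour discussed in the reply above, as an added example that is not part of the original message: CBC with the IV chained across packets, and one packet dropped in transit. The 4-round Feistel cipher is a stand-in for Skipjack (an assumption; only the 64-bit block size matches), and the function names, key and payloads are constructed for illustration.

```python
import hashlib

BLOCK = 8  # 64-bit blocks, the block size Skipjack uses

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def block(key, blk, decrypt=False):
    """Stand-in 4-round Feistel cipher (NOT Skipjack); only the block size matches."""
    l, r = (blk[4:], blk[:4]) if decrypt else (blk[:4], blk[4:])
    for rnd in (range(3, -1, -1) if decrypt else range(4)):
        f = hashlib.sha256(key + bytes([rnd]) + r).digest()[:4]
        l, r = r, _xor(l, f)
    return r + l if decrypt else l + r

def cbc_encrypt(key, iv, pt):
    out, prev = b"", iv
    for i in range(0, len(pt), BLOCK):
        prev = block(key, _xor(pt[i:i + BLOCK], prev))
        out += prev
    return out

def cbc_decrypt(key, iv, ct):
    out, prev = b"", iv
    for i in range(0, len(ct), BLOCK):
        out += _xor(block(key, ct[i:i + BLOCK], decrypt=True), prev)
        prev = ct[i:i + BLOCK]
    return out

def send_stream(key, iv0, payloads):  # implicit IV = last ciphertext block sent
    packets, iv = [], iv0
    for p in payloads:
        packets.append(cbc_encrypt(key, iv, p))
        iv = packets[-1][-BLOCK:]
    return packets

def receive_stream(key, iv0, packets):  # None marks a packet that never arrived
    out, iv = [], iv0
    for ct in packets:
        out.append(None if ct is None else cbc_decrypt(key, iv, ct))
        iv = iv if ct is None else ct[-BLOCK:]  # IV = last block actually received
    return out

def demo():  # constructed data: four 16-byte payloads, packet 1 lost in transit
    sent = [f"packet-{i} payload".encode() for i in range(4)]
    wire = send_stream(b"constructed-key", bytes(BLOCK), sent)
    wire[1] = None
    return sent, receive_stream(b"constructed-key", bytes(BLOCK), wire)
```

`demo()` returns the sent payloads and what the receiver recovered: packet 0 intact, packet 1 missing, packet 2 with a corrupted first block because its IV was in the lost packet, and packet 3 intact again because its IV is the last ciphertext block of packet 2.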