[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
<draft-ietf-ipsec-skipjack-cbc-00.txt>
In reference to discussions made on the proposed
<draft-ietf-ipsec-skipjack-cbc-00.txt> draft, we will rename it and
resubmit it as: draft-ietf-judy-skipjack-cbc-00.txt.
In reference to the SKIPJACK implementation comments, the SKIPJACK
algorithm and its cipher modes should be treated as separate items.
Please review the SKIPJACK specification with its mode descritpions from
NIST at http://www-08.nist.gov/cryptval/des/skipval.htm.. These modes
(which are the same as the 4 DES modes) are described pictorially on
page 3. [Schneier], and "Cryptography and Data Security" ISBN
0-201-10150-5 by Dorothy Denning also provides a detailed explanation
of the modes.
In reference to whether to use CBC mode not, NIST specifies two block
cipher modes (CBC and ECB) and 2 stream modes for SKIPJACK and DES. In
this draft, we propose ONLY the CBC mode. CBC mode is more resistant to
cryptanalysis and replay. In ECB mode, there is no IV for messaging,
only a cryptovariable key. The key is used to en/decrypt each data
block with no chaining of any kind. ECB mode is more susceptible to
plaintext attacks. We will be happy to submit a separate additional
draft that specifically addresses ECB mode if this is desired. CBC mode
is more resistant to the attacks mentioned and hence we have chosen to
propose SKIPJACK with CBC mode.
The next issue is of Explicit or Implicit IV. We chose an implicit IV
because we thought it would provide more efficient transmission.
However, the explicit IV does significantly assist the receiver in
recovering from the effect of lost packets. If this method is more
acceptable, we'll change the (newly named) draft to one with an Explicit
IV.
Scott Judy
Sandra MacGregor
Follow-Ups: