
RE: Retransmits in traffic count?



If you change the IV in SA negotiations you'll get out of sync with the
peer, since they're implicit, right?

Are we talking about the same thing? Traffic in phase 1 SAs?

> -----Original Message-----
> From: Paul Koning [mailto:pkoning@xedia.com]
> Sent: August 5, 1999 2:14 PM
> To: tjenkins@TimeStep.com
> Cc: rcharlet@redcreek.com; ipsec@lists.tislabs.com
> Subject: RE: Retransmits in traffic count?
> 
> 
> >>>>> "Tim" == Tim Jenkins <tjenkins@TimeStep.com> writes:
> 
>  >> Actually, I can't think of a reason not to count the
>  >> retransmissions in all of these counters. (that don't mean there
>  >> ain't one!)  Could you tell us about the potential motivations you
>  >> see for this?
> 
>  Tim> Potential reasons why not:
> 
>  Tim> It doesn't really count against the lifetime of the keying
>  Tim> material, since there is no new information offered to an
>  Tim> attacker since the re-transmits are identical. (I'd like a
>  Tim> crypto expert to confirm or dispute this, if possible.)
> 
> IANACE, but anyway... the retransmit plaintext is identical but the
> ciphertext probably not, since presumably the IV changes.  So you do
> get new information.
> 
> 	paul
>
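As an added illustration of the two cases argued above (this is not code from the thread or from any IKE implementation): a Go model of CBC under an implicit, chained IV of the kind IKEv1 Appendix B specifies, where the IV is never sent and each side moves to the last ciphertext block of the previous message. Key, initial IV and payload bytes are constructed for the demo, and the `chain`, `Simulate` and `Result` names are the example's own. It shows that a retransmit under the same implicit IV is bit-identical to the original and decrypts at the peer, that re-encrypting under a fresh IV changes every ciphertext block (so an observer does see new ciphertext), and that a peer still deriving the old IV then gets a garbled first block while the remaining blocks decrypt, the usual CBC behaviour.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"fmt"
)

const blockSize = aes.BlockSize // 16 bytes

// Result collects what Simulate observed.
type Result struct {
	Blocks                int  // number of cipher blocks in the demo message
	RetransmitIdentical   bool // same implicit IV: retransmit ciphertext == original
	PeerAcceptsRetransmit bool // peer, using its own copy of the IV, decrypts it
	FreshIVBlocksChanged  int  // blocks that differ when the sender picks a new IV
	FirstBlockGarbled     bool // peer still on the implicit IV: first block is wrong
	RestIntact            bool // ...but every later block still decrypts (CBC property)
	NextIVAgreed          bool // both sides derive the same next IV without sending it
}

// pad appends zero bytes up to a block boundary. Demo convenience only;
// it is not the padding rule of any IKE implementation.
func pad(b []byte) []byte {
	n := (blockSize - len(b)%blockSize) % blockSize
	return append(append([]byte{}, b...), make([]byte, n)...)
}

func encryptCBC(key, iv, pt []byte) []byte {
	blk, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	ct := make([]byte, len(pt))
	cipher.NewCBCEncrypter(blk, iv).CryptBlocks(ct, pt)
	return ct
}

func decryptCBC(key, iv, ct []byte) []byte {
	blk, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	pt := make([]byte, len(ct))
	cipher.NewCBCDecrypter(blk, iv).CryptBlocks(pt, ct)
	return pt
}

// chain models one side of a phase 1 SA. The IV is never transmitted: both
// sides start from the same derived value and, once a message has been
// processed, move to that message's last ciphertext block.
type chain struct {
	key []byte
	iv  []byte
}

func (c *chain) encrypt(pt []byte) []byte { return encryptCBC(c.key, c.iv, pt) }
func (c *chain) decrypt(ct []byte) []byte { return decryptCBC(c.key, c.iv, ct) }
func (c *chain) advance(ct []byte)       { c.iv = append([]byte{}, ct[len(ct)-blockSize:]...) }

// differingBlocks counts cipher blocks at which a and b are not equal.
func differingBlocks(a, b []byte) int {
	n := 0
	for i := 0; i < len(a); i += blockSize {
		if !bytes.Equal(a[i:i+blockSize], b[i:i+blockSize]) {
			n++
		}
	}
	return n
}

// Simulate runs the two cases the thread argues about, using constructed
// key, IV and payload bytes (not values from any real exchange).
func Simulate() Result {
	key := bytes.Repeat([]byte{0x42}, 16)        // demo key, AES-128
	iv0 := bytes.Repeat([]byte{0x01}, blockSize) // stand-in for the derived first IV
	msg := pad([]byte("IDii payload followed by HASH_I payload, constructed demo bytes"))

	sender := chain{key: key, iv: iv0}
	receiver := chain{key: key, iv: iv0}
	r := Result{Blocks: len(msg) / blockSize}

	// Message goes out; no reply has arrived, so neither side advances its IV.
	ct := sender.encrypt(msg)

	// Case 1 (implicit IV kept for the retransmit): bit-identical ciphertext,
	// and the peer decrypts it exactly as it did the original.
	retx := sender.encrypt(msg)
	r.RetransmitIdentical = bytes.Equal(ct, retx)
	r.PeerAcceptsRetransmit = bytes.Equal(receiver.decrypt(retx), msg)

	// Case 2 (sender picks a fresh IV): every block changes, so an observer
	// sees new ciphertext; but the peer still derives the old IV.
	freshIV := bytes.Repeat([]byte{0x02}, blockSize)
	ctFresh := encryptCBC(key, freshIV, msg)
	r.FreshIVBlocksChanged = differingBlocks(ct, ctFresh)
	got := receiver.decrypt(ctFresh)
	r.FirstBlockGarbled = !bytes.Equal(got[:blockSize], msg[:blockSize])
	r.RestIntact = bytes.Equal(got[blockSize:], msg[blockSize:])

	// Once the exchange moves on, both sides chain to the last block of ct.
	sender.advance(ct)
	receiver.advance(ct)
	r.NextIVAgreed = bytes.Equal(sender.iv, receiver.iv)
	return r
}

func main() {
	fmt.Printf("%+v\n", Simulate())
}
```

The first-block-only corruption in case 2 is a property of CBC decryption (the IV enters only the first block), so whether a peer would actually reject such a message depends on what sits in that first block; the model only shows that the two sides no longer agree.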