[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bruce Schneier on IPsec



It appears that the document you annotated isn't the same as the
version distributed on Bruce's web site.

The arguments for why ESP without authentication is a valid option
ignore the issue raised by Steve Bellovin -- that encryption without
authentication fails to provide confidentiality in the presence of
active attack.  (I wonder why Bruce didn't mention that work...)  So
the scenario given (application layer integrity) doesn't fit, because
you need integrity iff you have active attackers, but if you do then
doing encryption-only at the IPSEC layer is insecure.  Conversely,
encryption-only is fine if you worry *only* about passive attack (in
which case integrity of any kind is not needed).

	paul


Follow-Ups: References: