RE: Q: Why IPSEC to be used only in CBC mode & not other like CFB or OFB ?
>>>>> "Stephen" == Stephen Kent <kent@bbn.com> writes:
Stephen> Paul, I guess we must simply disagree. I too hate to see
Stephen> shortsighted tradeoffs, but the world is full of them, and
Stephen> our standards environment has many examples. I might agree
Stephen> that the extra bandwidth devoted to the integrity is not too
Stephen> awful, and I agree that suitable hardware can parallel
Stephen> process the authentication data and not make it a
Stephen> bottleneck. However, the Internet (and the IETF) has a long
Stephen> history of favoring software over hardware when it comes to
Stephen> these tradeoffs, and I'm not in favor of making IPsec the
Stephen> exception in this instance.
But in software the delta from authentication is small, too.
Stephen> Also, I see very little
Stephen> evidence that the optional use of the authentication feature
Stephen> of ESP adds significant complexity to the protocol, since
Stephen> many (most?) folks agree that having an authentication-only
Stephen> mode for ESP is a good idea.
Actually, at this point there's very little reason to have the
authentication-only mode. But we were talking about the
encryption-only mode.
It includes a change in packet format, different sequence number
algorithms. Most importantly, it means exposing an option to the user
and network manager, and then telling them that the option is there
but shouldn't be used (except if you're really sure that it's safe,
which is asking quite a lot from a typical network manager).
paul
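The point Paul is making about the encryption-only ESP option can be seen in a small receiver model. The following is an added illustration, not code from this thread or from any IPsec implementation: it builds an ESP-like packet (SPI, sequence number, IV, CBC ciphertext, optional truncated HMAC-SHA256 ICV) and a receiver that, when an ICV is present, verifies it before decrypting and before consulting a simplified replay window. AES is replaced by a toy 16-byte Feistel block cipher built from HMAC-SHA256 so the script runs with the standard library alone; this substitution is an assumption, and the behaviour shown does not depend on the block cipher, since CBC without an integrity check lets a one-bit change in the IV pass through as a one-bit change in the first plaintext block. The packet layout, the 12-byte ICV truncation and the set-based replay window are simplifications chosen for the example.

```python
"""Added example (not from the mailing-list thread or any IPsec code):
an ESP-like receiver with and without an integrity check value (ICV)."""
import hashlib
import hmac
import os
import struct

BLOCK = 16      # block size of the toy cipher, same as AES
ICV_LEN = 12    # truncated HMAC, a simplification assumed for the example


def _round(key: bytes, i: int, half: bytes) -> bytes:
    """Feistel round function: keyed hash of the round index and one half."""
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:8]


def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    """4-round Feistel network standing in for AES (assumption, not AES)."""
    l, r = block[:8], block[8:]
    for i in range(4):
        l, r = r, bytes(a ^ b for a, b in zip(l, _round(key, i, r)))
    return l + r


def toy_block_decrypt(key: bytes, block: bytes) -> bytes:
    l, r = block[:8], block[8:]
    for i in reversed(range(4)):
        l, r = bytes(a ^ b for a, b in zip(r, _round(key, i, l))), l
    return l + r


def cbc_encrypt(key: bytes, iv: bytes, pt: bytes) -> bytes:
    out, prev = [], iv
    for i in range(0, len(pt), BLOCK):
        prev = toy_block_encrypt(key, bytes(a ^ b for a, b in zip(pt[i:i + BLOCK], prev)))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key: bytes, iv: bytes, ct: bytes) -> bytes:
    out, prev = [], iv
    for i in range(0, len(ct), BLOCK):
        c = ct[i:i + BLOCK]
        out.append(bytes(a ^ b for a, b in zip(toy_block_decrypt(key, c), prev)))
        prev = c
    return b"".join(out)


def esp_encrypt(enc_key, auth_key, spi, seq, payload, authenticate):
    """SPI || seq || IV || CBC(payload || pad || pad_len || next_hdr) [|| ICV]."""
    pad_len = (-(len(payload) + 2)) % BLOCK
    pt = payload + bytes(range(1, pad_len + 1)) + bytes([pad_len, 4])
    iv = os.urandom(BLOCK)
    pkt = struct.pack("!II", spi, seq) + iv + cbc_encrypt(enc_key, iv, pt)
    if authenticate:
        pkt += hmac.new(auth_key, pkt, hashlib.sha256).digest()[:ICV_LEN]
    return pkt


class EspReceiver:
    def __init__(self, enc_key, auth_key, authenticated, window=64):
        self.enc_key, self.auth_key = enc_key, auth_key
        self.authenticated, self.window = authenticated, window
        self.highest, self.seen = 0, set()   # simplified replay state (set, not a bitmap)

    def receive(self, pkt):
        """Return the payload, or None if the packet is dropped."""
        if self.authenticated:
            body, icv = pkt[:-ICV_LEN], pkt[-ICV_LEN:]
            expected = hmac.new(self.auth_key, body, hashlib.sha256).digest()[:ICV_LEN]
            if not hmac.compare_digest(icv, expected):
                return None            # integrity failure: drop before decrypting
            pkt = body
        spi, seq = struct.unpack("!II", pkt[:8])
        # The replay check only means something when seq is covered by the ICV.
        if seq in self.seen or seq + self.window <= self.highest:
            return None
        self.seen.add(seq)
        self.highest = max(self.highest, seq)
        pt = cbc_decrypt(self.enc_key, pkt[8:8 + BLOCK], pkt[8 + BLOCK:])
        return pt[:len(pt) - 2 - pt[-2]]


def flip_iv_bit(pkt: bytes) -> bytes:
    """Model an in-transit corruption of one bit in the IV."""
    p = bytearray(pkt)
    p[8] ^= 0x01
    return bytes(p)


def demo():
    enc_key, auth_key = b"E" * 32, b"A" * 32          # constructed sample keys
    payload = b"hello from host A, sequence ok"        # constructed payload
    results = {}
    for authenticate in (False, True):
        rx = EspReceiver(enc_key, auth_key, authenticate)
        first = esp_encrypt(enc_key, auth_key, 0x1000, 1, payload, authenticate)
        results[("intact", authenticate)] = rx.receive(first)
        second = esp_encrypt(enc_key, auth_key, 0x1000, 2, payload, authenticate)
        results[("tampered", authenticate)] = rx.receive(flip_iv_bit(second))
        results[("replayed", authenticate)] = rx.receive(first)
    return results


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

Without the ICV the receiver hands up `b"iello ..."` for the altered packet: the change is confined to the first block and nothing in the packet lets the receiver notice it. With the ICV the same packet is dropped before any decryption, and the replay window is backed by an authenticated sequence number. That asymmetry is why an encryption-only option is hard to present to a network manager as something safe to enable.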