
RE: Notification payloads IV



I thought about that and the IV that should be used is the one that
would be used for a normal packet.
I think this IV + the Message Id (Data to apply the PRF function) and then
compute an IV like would be in a normal Informational packet.
Some implementations reject clear packets at this point, that's why I thought
about this solution.

Toni

-----Original Message-----
From: EXT Tero Kivinen [mailto:kivinen@ssh.fi]
Sent: 06. October 2000 19:36
To: antonio.barrera@nokia.com
Cc: ipsec@lists.tislabs.com
Subject: Notification payloads IV


antonio.barrera@nokia.com writes:
> 	How is the IV computed for notification messages in IKE Phase I?

It is not computed. You send the error message in clear until you
receive the final Phase I packet and get the last Phase I CBC block to
start your IV calculations. 

> 	However, I'm not really sure how to do it for Phase I when
> encryption is applied (messages 5 and 6) and an error is found.
> Is it explained somewhere? 

No. It is not explained anywhere, and different implementations are
doing it differently. I know there are implementations which send
those notifications encrypted and I don't know which IV they are
using. 
-- 
kivinen@ssh.fi                               Work : +358 303 9870
SSH Communications Security                  http://www.ssh.fi/
SSH IPSEC Toolkit                            http://www.ssh.fi/ipsec/
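
The IV calculation the thread refers to, as an added example that is not part of either message or of any implementation mentioned: RFC 2409 Appendix B derives the IV for an exchange after Phase 1 from a hash of the last Phase 1 CBC output block concatenated with the message ID, truncated to the cipher block size. Applying it to an Informational message ID, the function names, the 8-byte block size, and the sample bytes are assumptions made for this sketch.

```python
import hashlib
from typing import Optional

BLOCK = 8  # assumed CBC block size in bytes (DES / 3DES)


def iv_material(hash_name: str, *parts: bytes) -> bytes:
    """Negotiated hash over the concatenation of the given parts."""
    h = hashlib.new(hash_name)
    for part in parts:
        h.update(part)
    return h.digest()


def phase1_first_iv(gxi: bytes, gxr: bytes, hash_name: str = "sha1") -> bytes:
    """IV for the first encrypted Phase 1 message: hash(g^xi | g^xr)."""
    return iv_material(hash_name, gxi, gxr)[:BLOCK]


def informational_iv(last_p1_block: Optional[bytes], message_id: int,
                     hash_name: str = "sha1") -> Optional[bytes]:
    """IV = hash(last Phase 1 CBC block | M-ID), truncated to BLOCK.

    Returns None when no last Phase 1 CBC block exists yet; in that
    state the reply above says the notification is sent in clear.
    """
    if last_p1_block is None:
        return None
    if len(last_p1_block) != BLOCK:
        raise ValueError("last Phase 1 CBC block must be one cipher block")
    if not 0 < message_id <= 0xFFFFFFFF:
        raise ValueError("message ID must be a non-zero 32-bit value")
    mid = message_id.to_bytes(4, "big")  # M-ID as it appears in the header
    return iv_material(hash_name, last_p1_block, mid)[:BLOCK]


if __name__ == "__main__":
    # Constructed sample values, not taken from a real exchange.
    last_block = bytes.fromhex("0011223344556677")
    print("Phase 1 not finished:", informational_iv(None, 0xA1B2C3D4))
    print("after Phase 1       :",
          informational_iv(last_block, 0xA1B2C3D4).hex())
```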