[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: AES, AES-MAC

To: "Ipsec" <ipsec@lists.tislabs.com>
Subject: Re: AES, AES-MAC
From: "Joseph D. Harwood" <jharwood@vesta-corp.com>
Date: Fri, 18 May 2001 10:19:41 -0700
Cc: <jari.arkko@lmf.ericsson.se>
Importance: Normal
Sender: owner-ipsec@lists.tislabs.com


>- I believe it is possible to use AES as
>  a MAC algorithm a la DES-MAC. Has this
>  been specified by NIST? Has it been specified
>  by IETF how to use it in the context of IPsec?
>
>- I seem to remember talk about SHA-256/384/512.
>  What are these and have their use been
>  specified for IPsec? What is their relationship
>  to AES-MAC?

The thread on SHA-256/384/512 can be found here:

http://www.vpnc.org/ietf-ipsec/mail-archive/msg00337.html

These are hash algorithms from NIST with 256/384/512 bits of output.  From
the thread above I don't believe they are going to be a requirement for
IPsec because of their performance.  AES-MAC was also discussed in this
thread.  It's performance is roughly that of AES-CBC encryption/decryption.
However, there has been discussion of using a counter mode for AES
encryption/decryption rather than CBC mode to improve encryption/decryption
performance, so perhaps something other than a straight AES-MAC would be
needed for equivalent authentication performance.  Please see the following
message, which contains the slides from Steve Kent's presentation that
discuss this:

http://www.vpnc.org/ietf-ipsec/mail-archive/msg00168.html

Best Regards,
Joseph D. Harwood
jharwood@vesta-corp.com
www.vesta-corp.com

Prev by Date: AES, AES-MAC
Next by Date: IKE Rekeying
Prev by thread: Re: AES, AES-MAC
Next by thread: Re: AES, AES-MAC
Index(es):
- Main
- Thread