[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Implicit/Explicit IV

To: ipsec@lists.tislabs.com
Subject: Implicit/Explicit IV
From: ranjeet barve <ranjeet_barve@yahoo.co.in>
Date: Fri, 12 Oct 2001 15:30:07 +0100 (BST)
Sender: owner-ipsec@lists.tislabs.com

hi,
I had a question on the use of Implicit and Explicit
IV.
I have come across following Situations in the various
IPsec Implementations:
1) Implicit IV is used by generating it at the
respective peers by use of SEQ_ID.i.e 
           IV[0-3] = Seq-id;
           IV[4-7] = ~Seq-id; 

2) Explicit IV is used for the first Packet i.e IV is
generated Randomly + all following packets of the same
Tunnel use Implicit IV as the last 8 bytes of the
Cipher Text of the earlier Packet.

3) Explicit IV is used for all the Packets of a
particular Tunnel.

Does Cases 1 and 2, not lead to interoperabality issue
if both ends(Peers) are not using the same IPsec
Implementation? i.e How do different IPsec
Implementations Interop.
Which is the most standard way to use in Implicit IV
case?

I would be thankful if you could help me with the
above query.

Best Regards,
Ranjeet Barve,
M.Tech IIT Bombay.



____________________________________________________________
Do You Yahoo!?
Send a newsletter, share photos & files, conduct polls, organize chat events. Visit http://in.groups.yahoo.com

Follow-Ups:

Re: Implicit/Explicit IV

From: Stephen Kent <kent@bbn.com>

Prev by Date: Re: IPComp CPI's
Next by Date: DataStructure for Storing SPD,SA Entries
Prev by thread: Re: IPComp CPI's
Next by thread: Re: Implicit/Explicit IV
Index(es):
- Main
- Thread