[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Some comments on JFK

To: Radia Perlman - Boston Center for Networking <Radia.Perlman@sun.com>
Subject: Re: Some comments on JFK
From: Michael Thomas <mat@cisco.com>
Date: Mon, 3 Dec 2001 15:17:01 -0800 (PST)
Cc: ipsec@lists.tislabs.com, ekr@rtfm.com
In-Reply-To: <200112032204.RAA22879@bcn.East.Sun.COM>
References: <200112032204.RAA22879@bcn.East.Sun.COM>
Sender: owner-ipsec@lists.tislabs.com

Radia Perlman - Boston Center for Networking writes:
 > EKR said:
 > >>	(1) In message 1 the initiator sends g^i. This is replayed in message
 > >>	3. I see why the initiator needs to tell the responder the group he
 > >>	wants to use but why does it need to communicate g^i? If you simply
 > >>	want the initiator to commit to g^i, why not use a hash? This would
 > >>	save some bandwidth, which is always nice :)
 > 
 > If g^i is in message
 > 1 it gives Bob the option of getting going on his Diffie-Hellman
 > calculation if he was willing to
 > not be stateless and computeless.

   Right, and this goes well with my "average
   case" mantra which is that you're normally not
   going to be under attack, so it would be nice
   eliminate its overhead when you're not hurting.
   TCP-SYN cookies work the same way.

		Mike

References:

Re: Some comments on JFK

From: Radia Perlman - Boston Center for Networking <Radia.Perlman@sun.com>

Prev by Date: Re: On shared keys (was RE: SOI: identity protection and DOS)
Next by Date: Problem with Cisco VPN concentrator
Prev by thread: Re: Some comments on JFK
Next by thread: Re: Some comments on JFK
Index(es):
- Main
- Thread