
Re: Son-of-IKE Performance



In message <200112061808.fB6I7t301682@fatty.lounge.org>, Dan Harkins writes:
>  Actually to compare apples-to-apples you should note that
>JFK only produces a single key, Kir, for a single IPsec SA 
>(I'm assuming it's the initiator's outbound although it's
>not specified). To end up with a pair of IPsec SAs, one in
>each direction, you'd need:
>
>  Protocol     Initiator     Responder     Latency
>  ------------------------------------------------
>  JFK(normal)  2 signature   2 signature    4 RTT
>               4 verifies    2 verify
>               2 DH agree    2 DH agree
>
>  JFK(PFS)[2]  2 signature   4 signatures   4 RTT
>               4 verifies    2 verify
>               2 DH agree    2 DH agree
>

I'm afraid I don't understand what you're saying.  JFK ends up with an 
authenticated DH exponential; we can clearly derive bidirectional keys 
from that.

		--Steve Bellovin, http://www.research.att.com/~smb
		Full text of "Firewalls" book now at http://www.wilyhacker.com
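The point in the reply above, as an added illustration that is not part of this thread or of any JFK implementation: one Diffie-Hellman agreement per side yields a single shared exponential, and a key-derivation step with a per-direction context string turns it into two SA keys. The toy group parameters, nonces, and the "i->r" / "r->i" labels are constructed assumptions, not JFK's actual key-derivation inputs.

```python
import hmac
import hashlib

# Constructed toy Diffie-Hellman group for illustration only (a large MODP
# group would be used in practice): p is a small safe prime, g = 2.
P = 2039
G = 2


def dh_public(private_exp: int) -> int:
    """Compute a DH exponential g^x mod p."""
    return pow(G, private_exp, P)


def dh_shared(peer_public: int, private_exp: int) -> int:
    """Compute the shared secret g^(ir) mod p from the peer's exponential."""
    return pow(peer_public, private_exp, P)


def hkdf_sha256(secret: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF (RFC 5869) extract-then-expand using only the standard library."""
    prk = hmac.new(salt, secret, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def directional_keys(shared: int, ni: bytes, nr: bytes) -> dict:
    """Derive one key per IPsec SA direction from a single shared exponential.
    The nonces salt the derivation; the direction labels are assumed,
    illustrative context strings, not JFK's own derivation labels."""
    secret = shared.to_bytes((P.bit_length() + 7) // 8, "big")
    return {
        "i_to_r": hkdf_sha256(secret, ni + nr, b"i->r"),
        "r_to_i": hkdf_sha256(secret, ni + nr, b"r->i"),
    }


def demo():
    # Constructed private exponents and nonces for the two parties.
    i_priv, r_priv = 123, 456
    ni, nr = b"nonce-initiator", b"nonce-responder"
    gi, gr = dh_public(i_priv), dh_public(r_priv)
    # One DH agreement on each side produces both directional keys.
    keys_i = directional_keys(dh_shared(gr, i_priv), ni, nr)
    keys_r = directional_keys(dh_shared(gi, r_priv), ni, nr)
    return keys_i, keys_r
```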