Re: Son-of-IKE Performance
In message <200112061808.fB6I7t301682@fatty.lounge.org>, Dan Harkins writes:
> Actually to compare apples-to-apples you should note that
> JFK only produces a single key, Kir, for a single IPsec SA
> (I'm assuming it's the initiator's outbound although it's
> not specified). To end up with a pair of IPsec SAs, one in
> each direction, you'd need:
>
> Protocol      Initiator     Responder     Latency
> ------------------------------------------------
> JFK(normal)   2 signature   2 signature   4 RTT
>               4 verifies    2 verify
>               2 DH agree    2 DH agree
>
> JFK(PFS)[2]   2 signature   4 signatures  4 RTT
>               4 verifies    2 verify
>               2 DH agree    2 DH agree
>
I'm afraid I don't understand what you're saying. JFK ends up with an
authenticated DH exponential; we can clearly derive bidirectional keys
from that.
--Steve Bellovin, http://www.research.att.com/~smb
Full text of "Firewalls" book now at http://www.wilyhacker.com
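Bellovin's point above, as an added example that is not from this thread: one Diffie-Hellman agreement per side yields a single shared value, and a separate key for each direction can be derived from it, so a pair of IPsec SAs does not require a second DH agreement. The toy group parameters and the direction-label KDF are assumptions made for illustration only, not JFK's own key-derivation formula.

```python
import hmac
import hashlib
import secrets

# Constructed toy DH parameters: M127 is a prime but far too small for real
# use. A deployment would use a standardised MODP group of adequate size.
P = 2**127 - 1
G = 3
SECRET_LEN = (P.bit_length() + 7) // 8


def dh_keypair():
    """Return (private exponent, public value g^x mod p)."""
    x = secrets.randbelow(P - 2) + 1
    return x, pow(G, x, P)


def dh_shared(private, peer_public):
    """Compute the shared value g^(xi*xr) mod p from the peer's public value."""
    return pow(peer_public, private, P)


def derive_directional_keys(shared, ni, nr, length=32):
    """Derive one key per traffic direction from a single DH result.

    Assumption for this example: keys are HMAC-SHA256 of the nonces plus a
    direction label under the shared value. Each direction gets its own
    independent-looking key even though only one DH agreement was run.
    """
    secret = shared.to_bytes(SECRET_LEN, "big")

    def kdf(label):
        return hmac.new(secret, ni + nr + label, hashlib.sha256).digest()[:length]

    return {"i_to_r": kdf(b"initiator->responder"),
            "r_to_i": kdf(b"responder->initiator")}


def one_agreement_two_sas():
    """Both sides run one DH agreement and derive the same pair of SA keys."""
    xi, gi = dh_keypair()           # initiator's exponent and exponential
    xr, gr = dh_keypair()           # responder's exponent and exponential
    ni, nr = secrets.token_bytes(16), secrets.token_bytes(16)
    keys_i = derive_directional_keys(dh_shared(xi, gr), ni, nr)
    keys_r = derive_directional_keys(dh_shared(xr, gi), ni, nr)
    return keys_i, keys_r
```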