[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SOI QUESTIONS: 2.4 Number of crypto operations

To: ipsec@lists.tislabs.com
Subject: Re: SOI QUESTIONS: 2.4 Number of crypto operations
From: Lakshminath Dondeti <ldondeti@nortelnetworks.com>
Date: Thu, 20 Jun 2002 14:04:27 -0400
References: <E17L5KF-0003XH-00@think.thunk.org>
Sender: owner-ipsec@lists.tislabs.com
User-Agent: Mozilla/5.0 (Windows; U; Win95; en-US; rv:0.9.4.1) Gecko/20020314 Netscape6/6.2.2

Theodore Ts'o wrote:

> Please discuss and answer this question.....
> 
> 2.4 Number of crypto operations
> 
> 2.4.A) JFK requires substantially more cryptographic operations for
> rekeying (two more signatures, two more signature validations, and
> three more hashes).  Is this a problem?  More generally, does SOI need
> to be able to support "fast" rekeying?
> 

Fast rekeying *is* important in SOI.  More specifically, a secure SA 
management channel can be used for sending Informational, Delete or 
error messages.  It is more efficient and scales better (e.g. in the VPN 
and remote access scenarios).

cheers,
Lakshminath

>

References:
- SOI QUESTIONS: 2.4 Number of crypto operations
  - From: "Theodore Ts'o" <tytso@mit.edu>

Prev by Date: Re: SOI QUESTIONS: 2.3 Perfect forward secrecy (PFS)
Next by Date: Re: SOI QUESTIONS: 2.6 Formal proofs of security
Prev by thread: SOI QUESTIONS: 2.4 Number of crypto operations
Next by thread: Re: SOI QUESTIONS: 2.4 Number of crypto operations
Index(es):
- Date
- Thread