[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

NULL_ESP; why at all does it exist?

To: ipsec@lists.tislabs.com
Subject: NULL_ESP; why at all does it exist?
From: venkat <venkat@dexceldesigns.com>
Date: Thu, 11 Jul 2002 13:12:32 +0530
Organization: Dexcel Electronics Designs (P) Ltd.
Reply-To: venkat@dexceldesigns.com
Sender: owner-ipsec@lists.tislabs.com

Hi Everbody,

Could you answer these questions

1. During ESP packet generation, can the encryption be done with DES_CBC or 
3DES_CBC and then provide authentication with NULL_ESP.

2. Is it required that we have to provide authentication with HMAC-MD5 or 
HMAC-SHA. i.e. ESP_AUTH part

3. Can NULL_ESP be used for providing authenticatoin at all, because I read 
somewhere that NULL_ESP can be used for this purpose.

4. Is NULL_ESP a void Transform, i.e. it doesn't do anything at all.

5. To provide authentication only in ESP, can we use Enc-> NULL_ESP and then
Auth-> HMAC-MD5/SHA

Awaiting replies
- Venkat

--------------------------------------------------------------
Dexcel Electronics Designs (P) Ltd., Bangalore, India

Follow-Ups:
- Re: NULL_ESP; why at all does it exist?
  - From: Scott Fluhrer <sfluhrer@cisco.com>

Prev by Date: Re: SOI QUESTION: 5.1 SA creation style: Cryptographic agreement
Next by Date: Encrypted Client Notifications?
Prev by thread: Re: SOI QUESTION: 5.2 Scope of proposals
Next by thread: Re: NULL_ESP; why at all does it exist?
Index(es):
- Date
- Thread