
AES-CBC draft: Tunnel mode, TTL field of inner header



Dear all,
I just came across one point in the Internet Draft "The AES Cipher Algorithm
and Its Use With IPsec", <draft-ietf-ipsec-ciph-aes-cbc-04.txt>, June 2002,
that made me wonder. In the last two test vectors (7&8) provided with the
draft, ESP packets in tunnel mode are encrypted with AES-CBC. Although RFC 2401
specifies in (5.1.2) to decrement the TTL field of the inner header, this is not
done in the two mentioned test cases:

----------------
Case #7:

Original packet:
IP header (20 bytes): 45000054 09040000 4001f988 c0a87b03 c0a87bc8
                                        ^^
.
.
.

Pre-encryption Data with original IP header, padding, pad length and
next header (96 bytes):
45000054 09040000 4001f988 c0a87b03 ...
                  ^^

------------------

And also the ciphertext is based on the plaintext with TTL = 40.


Mistake? Changes in the specification?


Thanks,
Peter Mathes


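Added example, not part of the original message or of the draft: a check of the Case #7 IP header quoted above that verifies its checksum, reads the TTL byte, and computes the header as it would look with the TTL decremented by one, using the incremental checksum update of RFC 1624. The function names are assumptions made for this illustration.

```python
import struct

# Original IP header of test case #7, copied from the message above.
CASE7_HEADER = bytes.fromhex("45000054 09040000 4001f988 c0a87b03 c0a87bc8")

def fold16(total: int) -> int:
    """Fold carries back in (one's-complement 16-bit addition)."""
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total

def checksum_ok(header: bytes) -> bool:
    """A valid IPv4 header sums to 0xFFFF with its checksum field included."""
    words = struct.unpack(f"!{len(header) // 2}H", header)
    return fold16(sum(words)) == 0xFFFF

def ttl(header: bytes) -> int:
    """TTL is byte 8 of the IPv4 header."""
    return header[8]

def decrement_ttl(header: bytes) -> bytes:
    """Return a copy with TTL - 1 and the checksum updated per RFC 1624:
    HC' = ~(~HC + ~m + m'), where m is the 16-bit TTL/protocol word."""
    if not checksum_ok(header):
        raise ValueError("header checksum does not verify")
    if ttl(header) == 0:
        raise ValueError("TTL is already zero")
    old_word, old_csum = struct.unpack("!HH", header[8:12])
    new_word = old_word - 0x0100          # TTL is the high byte of the word
    total = (~old_csum & 0xFFFF) + (~old_word & 0xFFFF) + new_word
    new_csum = ~fold16(total) & 0xFFFF
    return header[:8] + struct.pack("!HH", new_word, new_csum) + header[12:]

if __name__ == "__main__":
    print("checksum valid:", checksum_ok(CASE7_HEADER))
    print("TTL in test vector: 0x%02x" % ttl(CASE7_HEADER))
    print("with TTL decremented:", decrement_ttl(CASE7_HEADER).hex(" ", 4))
```
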