
Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt



At 07:04 AM 7/30/02 , Uri Blumenthal wrote:
>
>Plus, IV doesn't REALLY have to be random. It's something people are 
>talking about now because of the threat brought up by S. Fluhrer when
>more than one user sits on one SA.

It appears that this needs to be emphasized -- CBC has IVs and the
current counter mode draft has IVs, but they're not really the same
thing, and they do not have the same constraints on them.  A few months
ago, I pointed out a weakness in CBC mode with predictable IVs.  This
weakness is specific to how CBC mode works, and counter mode with
predictable IVs has no corresponding weakness.  The only constraint on
counter mode is that the IVs never repeat.


-- 
scott
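The distinction Scott draws above, shown in code.  This is an added example, not part of the thread or of the draft: the block cipher is a stand-in (HMAC-SHA256 truncated to 16 bytes, which is a PRF, not AES and not invertible; both demonstrations only ever call the encryption direction, which is all CBC encryption and counter mode need), the counter-block layout (8-byte IV followed by an 8-byte block counter) is an assumption for the example rather than the draft's format, and the key and candidate messages are constructed.  It shows the chosen-plaintext attack that a predictable IV enables against CBC, shows the same predictable-IV sequence giving an attacker nothing about a counter-mode message, and then shows what a repeated counter-mode IV does leak.

```python
import hashlib
import hmac

BLOCK = 16
KEY = b"constructed-key-for-the-example!"  # constructed fixed key; any value works


def E(key: bytes, block: bytes) -> bytes:
    """Stand-in block cipher: HMAC-SHA256 truncated to one block.
    Not AES and not invertible; the demonstrations below only use the
    encryption direction, so a keyed PRF is enough to show the mode behaviour."""
    assert len(block) == BLOCK
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def cbc_encrypt(key: bytes, iv: bytes, pt: bytes) -> bytes:
    """CBC: C_i = E_K(P_i xor C_{i-1}) with C_0 = IV.  The IV is xored into
    the first plaintext block before it reaches E_K; that is the hook a
    predictable IV gives a chosen-plaintext attacker."""
    assert len(iv) == BLOCK and len(pt) % BLOCK == 0
    prev, out = iv, []
    for i in range(0, len(pt), BLOCK):
        prev = E(key, xor(pt[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)


def ctr_encrypt(key: bytes, iv: bytes, pt: bytes) -> bytes:
    """Counter mode: C_i = P_i xor E_K(IV || i).  Layout assumed here:
    8-byte IV, 8-byte block counter (not the draft's format).  Plaintext
    never enters E_K, so the attacker cannot steer the cipher input.
    The same call decrypts."""
    assert len(iv) == 8
    out = []
    for n, i in enumerate(range(0, len(pt), BLOCK)):
        keystream = E(key, iv + n.to_bytes(8, "big"))
        out.append(xor(pt[i:i + BLOCK], keystream))
    return b"".join(out)


class PredictableIvCbcSender:
    """Sender whose IV is a counter.  next_iv() stands in for the attacker
    working out the upcoming IV from the sequence seen on the wire."""
    def __init__(self, key: bytes):
        self.key, self.n = key, 0

    def next_iv(self) -> bytes:
        return self.n.to_bytes(BLOCK, "big")

    def send(self, pt: bytes):
        iv = self.next_iv()
        self.n += 1
        return iv, cbc_encrypt(self.key, iv, pt)


class PredictableIvCtrSender(PredictableIvCbcSender):
    """Same predictable IV sequence, but the payload is counter-mode encrypted."""
    def next_iv(self) -> bytes:
        return self.n.to_bytes(8, "big")

    def send(self, pt: bytes):
        iv = self.next_iv()
        self.n += 1
        return iv, ctr_encrypt(self.key, iv, pt)


def cbc_predictable_iv_attack(sender, iv_used, c_first, candidates):
    """Victim sent one secret block M under iv_used: c_first = E_K(M xor iv_used).
    For each guess the attacker predicts the next IV and submits
    P' = guess xor iv_used xor iv_next, so the cipher sees guess xor iv_used.
    Equality with c_first confirms the guess.  Returns the recovered block or None."""
    for guess in candidates:
        iv_next = sender.next_iv()
        probe = xor(xor(guess, iv_used), iv_next)
        _, c = sender.send(probe)
        if c[:BLOCK] == c_first:
            return guess
    return None


def ctr_keystream_via_chosen_plaintext(sender):
    """Against counter mode the same access only yields the keystream for the
    IV the attacker's own message consumes.  Returns (iv, E_K(iv || 0))."""
    probe = bytes(BLOCK)
    iv, c = sender.send(probe)
    return iv, xor(c, probe)


def ctr_recover_from_reused_iv(c_known, p_known, c_target):
    """The one rule counter mode does have: an IV used twice under one key
    gives two ciphertexts sharing a keystream, so c_known xor c_target =
    p_known xor p_target and a known plaintext reveals the other."""
    return xor(xor(c_known, p_known), c_target)


def demo():
    candidates = [b"APPROVED........", b"DENIED..........",
                  b"PENDING.........", b"ESCALATE........"]   # constructed, one block each
    secret = candidates[1]

    cbc = PredictableIvCbcSender(KEY)
    iv_used, c = cbc.send(secret)
    cbc_recovered = cbc_predictable_iv_attack(cbc, iv_used, c[:BLOCK], candidates)

    ctr = PredictableIvCtrSender(KEY)
    _, c_secret = ctr.send(secret)
    _, ks_next = ctr_keystream_via_chosen_plaintext(ctr)
    ctr_leaks = xor(c_secret, ks_next) == secret   # keystream of a different IV: no

    reused_iv = bytes(8)
    c_known = ctr_encrypt(KEY, reused_iv, candidates[0])
    c_target = ctr_encrypt(KEY, reused_iv, secret)
    reuse_recovered = ctr_recover_from_reused_iv(c_known, candidates[0], c_target)

    return {"cbc_recovered": cbc_recovered,
            "ctr_predictable_iv_leaks_secret": ctr_leaks,
            "ctr_reuse_recovered": reuse_recovered}


if __name__ == "__main__":
    print(demo())
```

The CBC attack succeeds because the attacker can cancel the upcoming IV and choose exactly what the cipher is fed; in counter mode the attacker's plaintext is xored with the cipher's output, not fed into it, so predicting the IV buys nothing.  What counter mode cannot survive is the repeat: the last function recovers the secret block from two ciphertexts that share an IV, which is why the constraint on the counter-mode IV is uniqueness rather than unpredictability.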