[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt

To: rhousley@rsasecurity.com
Subject: Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt
From: Paul Koning <pkoning@equallogic.com>
Date: Thu, 1 Aug 2002 17:21:02 -0400
Cc: ipsec@lists.tislabs.com
References: <FPELKLHKCBJLMMMNOGDFOEMODKAA.mcgrew@cisco.com><5.1.0.14.2.20020730092306.0345bf68@exna07.securitydynamics.com><5.1.0.14.2.20020801171427.02133438@exna07.securitydynamics.com>
Sender: owner-ipsec@lists.tislabs.com

>>>>> "Housley," == Housley, Russ <rhousley@rsasecurity.com> writes:

 Housley,> Are you happy with the following replacement paragraph?

 Housley,> Additionally, since AES has a 128-bit block size,
 Housley,> regardless of the mode employed, the ciphertext generated
 Housley,> by AES encryption becomes distinguishable from random
 Housley,> values after 2^64 blocks are encrypted with a single key.
 Housley,> Since ESP with Enhanced Sequence Numbers allows for up to
 Housley,> 2^64 packets in a single security association (SA), there
 Housley,> is real potential for more than 2^64 blocks to be encrypted
 Housley,> with one key.  Therefore, implementations SHOULD generate a
 Housley,> fresh key before 2^64 blocks are encrypted with the same
 Housley,> key.  Note that ESP with 32-bit Sequence Numbers will not
 Housley,> exceed 2^64 blocks even if all of the packets are
 Housley,> maximum-length Jumbograms.

Yes, that looks great; it covers all cases with a single description.

     paul

References:
- Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt
  - From: "Housley, Russ" <rhousley@rsasecurity.com>

Prev by Date: Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt
Next by Date: RE: Clarification of potential NAT multiple client solutions
Prev by thread: Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt
Next by thread: RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt
Index(es):
- Date
- Thread