[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt
-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "Waterhouse" == Waterhouse, Richard <Richard.Waterhouse@GDC4S.Com> writes:
Waterhouse> There is another application area that can benefit from CTR
Waterhouse> mode. CTR doesn't do error extension. If you are working in a
Waterhouse> noisy environment, have an application that can tolerate
Waterhouse> errors (but still don't want a bit error to multiply), need
Waterhouse> confidentiality but can do without authentication (e.g., you
I understand what you are saying, and it would apply to things like link
encryption, where one uses a continuous CTR mode. I do not believe that it
applies to packet oriented networks. Packets are either accepted in their
entirety, or discarded (and retransmitted).
While it might be that some media applications are such that a corrupted,
un-authenticatable packet is better than no packet at all, such applications
would also, by extension, be vulnerable to introduction of bogus packets,
and general denial of service on them.
I would suggest that such a security model is outside the scope of the
current ESP transform - i.e. we are talking about more than just swapping
3DES for AES-CTR in the cipher table.
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Finger me for keys
iQCVAwUBPWZ7doqHRg3pndX9AQHxVgQApnIcxZZwi5Wrk6yLxrXrg6RkuRNdvjBO
DVxbsE43vBbduXrpBUF8GDo4v9RVGE3RX1SGgYSMuCsQRrGcb+wHoa5H7D/Sc46b
57kO6bGSr4PLMpQBYKuaFK/2Tx55DM52R2hw4hQ8UeDnBxFuy9hMenh//0Vmn1n2
BmSqiGotNSU=
=MKfs
-----END PGP SIGNATURE-----