[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Counter Mode: Proposed Way Forward

To: Paul Koning <pkoning@equallogic.com>
Subject: Re: Counter Mode: Proposed Way Forward
From: Russ Housley <housley@vigilsec.com>
Date: Wed, 27 Nov 2002 19:16:20 -0500
Cc: ipsec@lists.tislabs.com
In-Reply-To: <15845.1606.961113.340051@pkoning.dev.equallogic.com>
References: <F504A8CEE925D411AF4A00508B8BE90A0162D056@exna07.securitydynamics.com>
Sender: owner-ipsec@lists.tislabs.com

Paul:

We could do that, but I am hoping that people will be interested in CCM 
once the new ESP gets rolling.  CCM uses the flags field, but it cannot be 
zero.  This would make it very easy for an implementation to support CCM 
and this counter mode specification too.

Russ

At 12:52 PM 11/27/2002 -0500, Paul Koning wrote:
> >>>>> "Russ" == Russ Housley <Housley> writes:
>
>  Russ> ...
>  Russ> I propose the replacement of the truncated SPI with the 24 most
>  Russ> significant bits form the IKE nonces.  I propose that the
>  Russ> initiator use 24 bits from its own nonce, and the responder use
>  Russ> 24 bits from its own nonce. ...
>
>  Russ> Unless I hear an uproar on the list, I will update the draft to
>  Russ> reflect this way forward.
>
>Sounds good.
>
>How about losing the flags field, since it appears to serve no
>purpose, and using 32 bits of nonce?
>
>         paul

References:
- Counter Mode: Proposed Way Forward
  - From: "Housley, Russ" <rhousley@rsasecurity.com>
- Re: Counter Mode: Proposed Way Forward
  - From: Paul Koning <pkoning@equallogic.com>

Prev by Date: Re: Why is IDAccepted added?
Next by Date: Re: IKEv2 use of HMAC-SHA-1 for Key Derivation
Prev by thread: Re: Counter Mode: Proposed Way Forward
Next by thread: Why is IDAccepted added?
Index(es):
- Date
- Thread