[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
ESPv3 TFC padding
Hi,
I have a few questions on what folks are doing for the Traffic-Flow
Confidentiality (TFC) padding for ESPv3. Is there an algorithm being
deployed for determining how much padding to add, or is that implementation
specific? Sorry, I couldn't find any documentation for this feature,
outside of the ESPv3 draft.
I'm trying to figure out if it is best to use a random amount of TFC padding,
or to pad out to a certain size (e.g. segment size) for all packets.
It would seem that random padding probably isn't sufficient, as if you're
trying to mask small packets, adding a random pad will just result in a
bigger packet on average, but will still be discernable from a VPN which is
just passing large packets.
If this is truly implentation specific, I'll just pick what I think is
best. But if there has been some discussion on this, or this is a draft
out there somewhere, I'd like to try and do as others are doing.
Thanks!
Tylor
--------------------------------------------------------------------------------
Tylor Allison
Principal Engineer
Secure Computing®
Protecting the world's most important networks (TM)
www.securecomputing.com
NASDAQ: SCUR
--------------------------------------------------------------------------------