[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Ipsec] Paddding Issue in AES-XCBC-MAC-96 with IPSEC (RFC3566)

To: Sheila Frankel <sheila.frankel@nist.gov>
Subject: Re: [Ipsec] Paddding Issue in AES-XCBC-MAC-96 with IPSEC (RFC3566)
From: Stephen Kent <kent@bbn.com>
Date: Fri, 13 Aug 2004 09:21:50 -0400
Cc: ipsec@ietf.org, howard.c.herbert@intel.com
In-reply-to: <1092256900.411a84840e4e7@webmail.nist.gov>
List-help: <mailto:ipsec-request@ietf.org?subject=help>
List-id: IP Security <ipsec.ietf.org>
List-post: <mailto:ipsec@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/ipsec>,<mailto:ipsec-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/ipsec>,<mailto:ipsec-request@ietf.org?subject=unsubscribe>
References: <Pine.LNX.4.44.0408112110180.32265-100000@brahma.intotoind.com><p06110402bd4022b8f73c@[128.33.244.157]><1092256900.411a84840e4e7@webmail.nist.gov>
Sender: ipsec-bounces@ietf.org

At 4:41 PM -0400 8/11/04, Sheila Frankel wrote:
>Actually, I came to the opposite conclusion:
>
>This question is addressed in the AES-XCBC-MAC RFC; unfortunately, it appears
>in a different section than the algorithm definition. The AH RFC, in section
>3.3.3.2.2, exempts MD5 and SHA-1 from the implicit packet padding 
>requirements,
>since they have their own padding conventions. AES-XCBC-MAC was not defined
>when the AH RFC was written, but it is treated in the same way. Thus, the
>padding will be performed according to the AES-XCBC-MAC specification, and
>Case2 will occur when the packetsize is not a multiple of 128 bits. In fact,
>the AES-XCBC-MAC RFC, in section 4.2, states "with regard to 'implicit packet
>padding' as defined in [AH], no implicit padding is required."
>
>Sheila Frankel
>sheila.frankel@nist.gov
>

Sheila,

Good point.

As you note, we make an explicit exception for MD5 and SHA-1 in AH, 
both the RFC and the new I-D that will replace it.  Maybe we should 
remove these references to specific algorithms in AH and ESP and, 
instead, refer folks to the documents that define how to use specific 
integrity algorithms with AH and ESP, re padding.

Steve

_______________________________________________
Ipsec mailing list
Ipsec@ietf.org
https://www1.ietf.org/mailman/listinfo/ipsec

References:
- [Ipsec] Paddding Issue in AES-XCBC-MAC-96 with IPSEC (RFC 3566)
  - From: Navin Kumar <navink@intoto.com>
- Re: [Ipsec] Paddding Issue in AES-XCBC-MAC-96 with IPSEC (RFC3566)
  - From: Stephen Kent <kent@bbn.com>
- Re: [Ipsec] Paddding Issue in AES-XCBC-MAC-96 with IPSEC (RFC 3566)
  - From: Sheila Frankel <sheila.frankel@nist.gov>

Prev by Date: [Ipsec] Hey!
Next by Date: Re: [Ipsec] new ICMP text for 2401bis
Previous by thread: Re: [Ipsec] Paddding Issue in AES-XCBC-MAC-96 with IPSEC (RFC 3566)
Next by thread: [Ipsec] IKEv2 traffic selector negotiation examples
Index(es):
- Date
- Thread