Re: about rfc2393
Hovav Shacham <hovav@leland.Stanford.EDU> Sat, 12 December 1998 14:07 UTC
Return-Path: hovav@leland.Stanford.EDU
Received: from sj-mailhub-2.cisco.com (sj-mailhub-2.cisco.com [171.69.43.88]) by ftp-eng.cisco.com (8.8.5-Cisco.1/8.6.5) with ESMTP id GAA27894 for <ippcp-archive-file@ftp-eng.cisco.com>; Sat, 12 Dec 1998 06:07:14 -0800 (PST)
Received: from bubbuh.cisco.com (bubbuh.cisco.com [198.92.30.35]) by sj-mailhub-2.cisco.com (8.9.1a/8.9.1) with ESMTP id GAA21631 for <extdom.ippcp@filter.cisco.com>; Sat, 12 Dec 1998 06:13:40 -0800 (PST)
Received: from sj-mailhub-2.cisco.com (sj-mailhub-2.cisco.com [171.69.43.88]) by bubbuh.cisco.com (8.8.4-Cisco.1/CISCO.GATE.1.1) with ESMTP id GAA05479 for <ippcp@external.cisco.com>; Sat, 12 Dec 1998 06:06:35 -0800 (PST)
Received: from proxy3.cisco.com (proxy3.cisco.com [192.31.7.90]) by sj-mailhub-2.cisco.com (8.9.1a/8.9.1) with ESMTP id GAA21627 for <ippcp@external.cisco.com>; Sat, 12 Dec 1998 06:13:39 -0800 (PST)
Received: (from smap@localhost) by proxy3.cisco.com (8.8.7/8.8.5) id GAA17039 for <ippcp@external.cisco.com>; Sat, 12 Dec 1998 06:06:34 -0800 (PST)
Received: from smtp2.stanford.edu(171.64.14.23) by proxy3.cisco.com via smap (V2.0) id xma017034; Sat, 12 Dec 98 14:06:30 GMT
X-SMAP-Received-From: outside
Received: from BAANAANAA (baanaanaa.Stanford.EDU [171.64.164.187]) by smtp2.Stanford.EDU (8.8.8/8.8.8/L) with SMTP id FAA06301; Sat, 12 Dec 1998 05:56:23 -0800 (PST)
To: Jerome Etienne <jerome@psti.com>
Cc: "'ippcp@external.cisco.com'" <ippcp@external.cisco.com>
Subject: Re: about rfc2393
References: <31946FC09021D211BE9B00104BD1DEEE064208@dukat.psti.com>
From: Hovav Shacham <hovav@leland.Stanford.EDU>
Date: Sat, 12 Dec 1998 05:56:22 -0800
In-Reply-To: Jerome Etienne's message of "Thu, 10 Dec 1998 15:59:49 -0500"
Message-ID: <uemq5v4zd.fsf@leland.stanford.edu>
Lines: 30
X-Mailer: Gnus v5.6.44/Emacs 19.34
Jerome Etienne <jerome@psti.com> writes: > When IPComp is used in the context of IPSec, it is believed not > to have an effect on the underlying security functionality > provided by the IPSec protocol; i.e., the use of compression is > not known to degrade or alter the nature of the underlying > security architecture or the encryption technologies used to > implement it. [RFC 2392] > > but in fact the compression increases the encryption scheme, because > it reduces the redondancy of the plain text which is so usefull for > cryptanalysis. Yes and no. Dictionary attacks play only a minor role in modern cryptanalysis. The encryption algorithms used in IPSec (e.g., DES in CBC mode; see RFCs 2405 and 2406) are designed to hide plaintext repetitions, so redundancy is probably not a problem. Besides, it is not clear that compression hides structure. In a nightmare scenario, the output from compression could be structured exactly such that decryption happens to be easy. Making security arguments about subsets of the plaintext space is very difficult. I think the RFC phrasing is fine as is. Hovav.
- about rfc2393 Jerome Etienne
- Re: about rfc2393 Hovav Shacham