Re: [Ipsec] CCM: AAD construction
Stephen Kent <kent@bbn.com> Thu, 07 April 2005 08:34 UTC
Received: from megatron.ietf.org (megatron.ietf.org [132.151.6.71]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id EAA27501 for <ipsec-archive@lists.ietf.org>; Thu, 7 Apr 2005 04:34:51 -0400 (EDT)
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DJSQw-0005Fg-0x; Thu, 07 Apr 2005 04:32:14 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DJSQu-0005FF-0H for ipsec@megatron.ietf.org; Thu, 07 Apr 2005 04:32:12 -0400
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id EAA27301 for <ipsec@ietf.org>; Thu, 7 Apr 2005 04:32:09 -0400 (EDT)
Received: from aragorn.bbn.com ([128.33.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1DJSZP-0000Hk-FC for ipsec@ietf.org; Thu, 07 Apr 2005 04:41:00 -0400
Received: from [192.168.50.62] (ramblo.bbn.com [128.33.0.51]) by aragorn.bbn.com (8.12.7/8.12.7) with ESMTP id j378VwvF019124; Thu, 7 Apr 2005 04:32:00 -0400 (EDT)
Mime-Version: 1.0
Message-Id: <p06210205be7a99d31d92@[192.168.50.62]>
In-Reply-To: <E4FF889B88DF4A4EBBDDDEF6D5BF7CE40515F615@fmsmsx407.amr.corp.intel.com>
References: <E4FF889B88DF4A4EBBDDDEF6D5BF7CE40515F615@fmsmsx407.amr.corp.intel.com>
Date: Thu, 07 Apr 2005 04:07:33 -0400
To: "Bansal, Yogesh" <yogesh.bansal@intel.com>
From: Stephen Kent <kent@bbn.com>
Subject: Re: [Ipsec] CCM: AAD construction
Content-Type: text/plain; charset="us-ascii"; format="flowed"
X-Virus-Scanned: ClamAV version 0.83, clamav-milter version 0.83 on 128.33.1.41
X-Virus-Status: Clean
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 08170828343bcf1325e4a0fb4584481c
Cc: ipsec@ietf.org, "Raghunandan, Makaram" <makaram.raghunandan@intel.com>
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IP Security <ipsec.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
Sender: ipsec-bounces@ietf.org
Errors-To: ipsec-bounces@ietf.org
At 1:30 PM -0700 4/6/05, Bansal, Yogesh wrote: > <SNIP> > >However, IPSec ESP mode states that encryption is done prior to >authentication. Does this order change in the >draft-ietf-ipsec-ciph-aes-ccm-05.txt, meaning that authentication is >done after CTR-encryption? If so, is the CBC-MAC encrypted again. look at ESP v3. drafts of this document have been around for quite a while. it has just been approved by the IESG and is now in the RFC Editor's hands. It has an explicit discussion of how to process packets when a combined mode algorithm (confidentiality and integrity) is employed. Steve _______________________________________________ Ipsec mailing list Ipsec@ietf.org https://www1.ietf.org/mailman/listinfo/ipsec
- [Ipsec] CCM: AAD construction Bansal, Yogesh
- Re: [Ipsec] CCM: AAD construction Stephen Kent
- Re: [Ipsec] CCM: AAD construction Russ Housley