RE: replay field size straw poll
Robert Glenn <glenn@snad.ncsl.nist.gov> Wed, 12 February 1997 15:10 UTC
Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id KAA26350 for ipsec-outgoing; Wed, 12 Feb 1997 10:10:11 -0500 (EST)
From: Robert Glenn <glenn@snad.ncsl.nist.gov>
Date: Wed, 12 Feb 1997 10:14:14 -0500
Message-Id: <199702121514.KAA01123@sloth.ncsl.nist.gov>
To: kent@bbn.com
Subject: RE: replay field size straw poll
Cc: ipsec@tis.com
Sender: owner-ipsec@ex.tis.com
Precedence: bulk
Steve,
> As editor for the AH and ESP specs, based on the traffic I've seen
>this last 2 weeks, I'm planing to go with 32-bit counters for both and to
>assume that the HMAC value will be 128 bits, to help resolve the alignment
>problem. If there are strong objections to this tact, I'd like to hear by
>2/14.
Unless there is a significant change to the AH header, a 32 bit non-optional
counter and a 128 bit HMAC value will not resolve the alignment problem.
01234567012345670123456701234567
+------+-------+-------+-------+
| NH | Len | Reserved | 32 bits
+------+-------+-------+-------+
| SPI | 32 bits
+------+-------+-------+-------+
| Replay Prev. Counter | 32 bits
+------+-------+-------+-------+
| |
| HMAC |
| Value | 128 bits
| |
+------+-------+-------+-------+
total: 224 bits --- not multiple of 64
Possible solutions would be 1) 64 bit counter, 2) a 64 bit alignment pad
trailer, or 3) a 160 bit HMAC Value.
Rob G.
- RE: replay field size straw poll David P. Kemp
- RE: replay field size straw poll Stephen Kent
- Re: replay field size straw poll Steven M. Bellovin
- RE: replay field size straw poll Robert Glenn
- RE: replay field size straw poll Naganand Doraswamy
- RE: replay field size straw poll Rob Adams
- Re: replay field size straw poll Stephen Kent
- RE: replay field size straw poll Luis A. Sanchez
- RE: replay field size straw poll wei