Use OTP in IPSEC?

Markku Savela <msa@anise.tte.vtt.fi> Wed, 06 October 1999 12:17 UTC

Received: from lists.tislabs.com (portal.gw.tislabs.com [192.94.214.101]) by mail.imc.org (8.9.3/8.9.3) with ESMTP id FAA13782; Wed, 6 Oct 1999 05:17:29 -0700 (PDT)
Received: by lists.tislabs.com (8.9.1/8.9.1) id GAA26532 Wed, 6 Oct 1999 06:50:03 -0400 (EDT)
Date: Wed, 06 Oct 1999 13:52:06 +0300
From: Markku Savela <msa@anise.tte.vtt.fi>
Message-Id: <199910061052.NAA29733@anise.tte.vtt.fi>
To: ipsec@lists.tislabs.com
Subject: Use OTP in IPSEC?
Reply-to: msa@hemuli.tte.vtt.fi
Sender: owner-ipsec@lists.tislabs.com
Precedence: bulk

This is just one of my random ideas that float in the background, and
I just decided to sound it off on this list...

I think there might be some special cases where even use of OTP (One
time pad) might be usable with IPSEC.

Possible technical definition: Within ESP, each packet would, instead
of IV, use a 64-bit offset to OTP that is somehow known to both ends
(with the usual problems of keeping the OTP secret etc.)

	A server that provides some highly sensitive, but short,
	information as a response to queries could use this
	method. [This almost implicitly requires the ability to
	negotiate asymmetric associations (currently only possible
	with manual configuring)]

	Server ----> IPSEC(OTP) ------> clients
	       <---- other protection

	[can't have multiple senders use the same OTP, as it would be
	hard to prevent the same pad segment being used twice].


OTP might be useful also in the key exchange of the key management, if
one is suspicious about the public key algorithms.
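
A sketch of the per-packet pad offset described above, as an added example that is not part of the original message. The class names, the 8-byte big-endian offset header and the sample pad are assumptions; it also shows why a second sender on the same pad leaks plaintext, and how a receiver can refuse a pad segment it has already seen.

```python
import struct

OFFSET_HDR = struct.Struct("!Q")  # 64-bit pad offset carried where ESP would carry the IV

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class PadSender:
    """The single sender of an association: hands out every pad byte at most once."""
    def __init__(self, pad: bytes):
        self.pad, self.next_offset = pad, 0

    def seal(self, payload: bytes) -> bytes:
        start, end = self.next_offset, self.next_offset + len(payload)
        if end > len(self.pad):
            raise ValueError("pad exhausted; refuse to send rather than wrap around")
        self.next_offset = end
        return OFFSET_HDR.pack(start) + xor(payload, self.pad[start:end])

class PadReceiver:
    """Accepts reordered packets but rejects any offset range seen before."""
    def __init__(self, pad: bytes):
        self.pad, self.used = pad, []  # used: consumed (start, end) ranges

    def open(self, packet: bytes) -> bytes:
        if len(packet) <= OFFSET_HDR.size:
            raise ValueError("truncated packet")
        (start,) = OFFSET_HDR.unpack_from(packet)
        body = packet[OFFSET_HDR.size:]
        end = start + len(body)
        if end > len(self.pad):
            raise ValueError("offset outside the shared pad")
        if any(start < e and s < end for s, e in self.used):
            raise ValueError("pad segment already used")
        self.used.append((start, end))
        return xor(body, self.pad[start:end])

if __name__ == "__main__":
    pad = bytes(range(256))  # constructed sample pad; a real pad must be random and secret
    tx, rx = PadSender(pad), PadReceiver(pad)
    first, second = tx.seal(b"hello"), tx.seal(b"world!")
    print(rx.open(second), rx.open(first))  # out-of-order delivery is fine
    rogue = PadSender(pad).seal(b"HELLO")   # a second sender restarts at offset 0
    print(xor(rogue[8:], first[8:]))        # the pad cancels: plaintext XOR is exposed
```

The XOR gives confidentiality only; the sketch assumes packet authentication is handled separately.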