[IPsec] New Draft Version: Diet-ESP

"Tobias Guggemos" <tobias.guggemos@stud.ifi.lmu.de> Tue, 04 March 2014 11:35 UTC

Return-Path: <tobias.guggemos@stud.ifi.lmu.de>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id 011CE1A0710; Tue, 4 Mar 2014 03:35:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.086
X-Spam-Status: No, score=-2.086 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_DE=0.35, HTML_MESSAGE=0.001, RP_MATCHES_RCVD=-0.547, T_REMOTE_IMAGE=0.01] autolearn=ham
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id az7NFLs3l1Ok; Tue, 4 Mar 2014 03:35:29 -0800 (PST)
Received: from acheron.ifi.lmu.de (acheron.ifi.lmu.de [IPv6:2001:4ca0:4000:1:129:187:214:135]) by ietfa.amsl.com (Postfix) with ESMTP id 7F1E71A0703; Tue, 4 Mar 2014 03:35:29 -0800 (PST)
Received: from TobiIdeaPad (unknown [IPv6:2001:67c:370:160:1808:37a0:831f:d853]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: guggemos) by acheron.ifi.lmu.de (Postfix) with ESMTPSA id 6E82F94A0CC; Tue, 4 Mar 2014 12:35:25 +0100 (CET)
From: "Tobias Guggemos" <tobias.guggemos@stud.ifi.lmu.de>
To: <ipsec@ietf.org>, <lwip@ietf.org>
Date: Tue, 4 Mar 2014 11:35:36 -0000
Message-ID: <012001cf379d$ddc4f760$994ee620$@stud.ifi.lmu.de>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_0121_01CF379D.DDC71A40"
X-Mailer: Microsoft Outlook 15.0
Thread-Index: Ac83nVrWJjL0rRg9Tq6qFucLAUi7PQ==
Content-Language: de
X-Antivirus: avast! (VPS 140302-1, 02.03.2014), Outbound message
X-Antivirus-Status: Clean
Archived-At: http://mailarchive.ietf.org/arch/msg/ipsec/m0sef72ZW5s33vB_22FSYcPLRIg
Subject: [IPsec] New Draft Version: Diet-ESP
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 04 Mar 2014 11:35:35 -0000

Hi all, 

Please find a draft we have just posted. It is updated with some of the
comments from the mailinglist and moved from dice to ipsecme WG.

Comments are welcome,



A new version of I-D, draft-mglt-ipsecme-diet-esp-00.txt

has been successfully submitted by Tobias Guggemos and posted to the IETF


Name:                 draft-mglt-ipsecme-diet-esp

Revision:             00

Title:                    Diet-ESP: a flexible and compressed format for

Document date:               2014-03-03

Group:                 Individual Submission

Pages:                  26



Htmlized:        <http://tools.ietf.org/html/draft-mglt-ipsecme-diet-esp-00>




   IPsec/ESP has been designed to secure IP packets exchanged between

   two nodes.  IPsec implements security at the IP layer which makes

   security transparent to the applications, as opposed to TLS or DTLS

   that requires application to implement TLS/DTLS.  As a result, IPsec

   enable to define the security rules in a similar way one establishes

   firewall rules.


   One of the IPsec's drawbacks is that implementing security on a per

   packet basis adds overhead to each IP packet.  Considering IoT

   devices, the data transmitted over an IP packet is expected to be

   rather small, and the cost of sending extra bytes is so high that

   IPsec/ESP can hardly be used for IoT as it is currently defined in

   RFC 4303.


   This document defines Diet-ESP, a protocol that compress and reduce

   the ESP overhead of IPsec/ESP so that it can fit security and energy

   efficient IoT requirements.  Diet-ESP use already existing mechanism

   like IKEv2 to negotiate the compression format.  Furthermore a lot of

   information, already existing for an IPsec Security Association, are

   reused to offer light negotiation in addition to maximum compression.





Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.


The IETF Secretariat



Diese E-Mail ist frei von Viren und Malware, denn der avast! Antivirus Schutz ist aktiv.