New AH Transform Drafts submitted
Robert Glenn <glenn@snad.ncsl.nist.gov> Thu, 20 March 1997 21:12 UTC
Date: Thu, 20 Mar 1997 16:00:17 -0500
From: Robert Glenn <glenn@snad.ncsl.nist.gov>
Message-Id: <199703202100.QAA26863@snad.ncsl.nist.gov>
To: ipsec@tis.com
Subject: New AH Transform Drafts submitted
Cc: rob.glenn@nist.gov

I've submitted the new AH transform drafts today. They should show up at your favorite I-D place in a few days. Until then, I've made them available at:

ftp://ftp.antd.nist.gov/pub/ipsec/draft-ietf-ipsec-ah-hmac-md5-96-00.txt

and

ftp://ftp.antd.nist.gov/pub/ipsec/draft-ietf-ipsec-ah-hmac-sha-1-96-00.txt

These are to replace RFC2085 and draft-ietf-ipsec-ah-hmac-sha-04.txt.

Here are some quick diffs & potential open issues. Before commenting on this message, please first read the drafts.

1. The HMAC digest is truncated to 96 bits.

2. The Replay Prevention field is a fixed 32 bits.

3. Replay Prevention is still optional BUT, if not implemented or not in use (as specified by the SA) the field remains in the packet header but is zeroed and ignored - read the spec for more details.

4. The Replay Prevention field is an up counter that starts at 1. Actually this is kept from the previous specs. The reason I mention it is that it differs from the ESP-DES-MD5 spec. I avoided using a negotiated counter because of the complexity it adds and I'm not convinced that starting at a fixed number weakens security. I'm open to be convinced.

5. There is a pointer to a HMAC test vectors draft (forthcoming within the next day or so) that will hopefully eliminate some of the interoperability problems seen recently.

There are additional changes where we tried to make things a bit more clear. Please read the drafts and provide comments. I'll re-iterate the above in Memphis and bring up additional issues that may arise between now and then.

Rob G.
rob.glenn@nist.gov
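
Items 1 through 4 of the message above, sketched as an added example that is not code from the drafts or from the author. The packet layout (4-byte counter, payload, 12-byte ICV), the class names, the strictly increasing receiver check (which would also reject reordered packets) and the behaviour at counter exhaustion are assumptions made for illustration.

```python
import hmac
import struct

ICV_LEN = 12               # 96 bits (item 1)
MAX_COUNTER = 2**32 - 1    # fixed 32-bit field (item 2)


def icv96(key: bytes, data: bytes, digest: str = "sha1") -> bytes:
    """Compute the full HMAC, then keep only the leftmost 96 bits."""
    return hmac.new(key, data, digest).digest()[:ICV_LEN]


class Sender:  # hypothetical name
    def __init__(self, key: bytes, replay: bool = True):
        self.key, self.replay, self.counter = key, replay, 0

    def seal(self, payload: bytes) -> bytes:
        if self.replay:
            if self.counter == MAX_COUNTER:
                # Assumption: refuse to wrap rather than reuse a counter value.
                raise OverflowError("32-bit counter exhausted")
            self.counter += 1  # up counter, first packet carries 1 (item 4)
        # Item 3: the field stays in the header, zeroed when replay is off.
        field = struct.pack("!I", self.counter if self.replay else 0)
        return field + payload + icv96(self.key, field + payload)


class Receiver:  # hypothetical name
    def __init__(self, key: bytes, replay: bool = True):
        self.key, self.replay, self.last = key, replay, 0

    def open(self, packet: bytes) -> bytes:
        if len(packet) < 4 + ICV_LEN:
            raise ValueError("short packet")
        body, icv = packet[:-ICV_LEN], packet[-ICV_LEN:]
        # Authenticate first, in constant time, before trusting the counter.
        if not hmac.compare_digest(icv, icv96(self.key, body)):
            raise ValueError("bad ICV")
        (counter,) = struct.unpack("!I", body[:4])
        if self.replay:  # when replay is off the field is ignored (item 3)
            if counter <= self.last:
                raise ValueError("replayed or stale counter")
            self.last = counter
        return body[4:]
```

The test below checks the truncation against the first HMAC-SHA-1 and HMAC-MD5 cases published in RFC 2202, which are not taken from this message.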