Re: [karp] FW: Stephen Farrell's Discuss on draft-ietf-karp-design-guide-04: (with DISCUSS and COMMENT)
Stephen Kent <kent@bbn.com> Tue, 27 September 2011 03:43 UTC
Return-Path: <kent@bbn.com>
X-Original-To: karp@ietfa.amsl.com
Delivered-To: karp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E327521F8BEE for <karp@ietfa.amsl.com>; Mon, 26 Sep 2011 20:43:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.064
X-Spam-Level:
X-Spam-Status: No, score=-106.064 tagged_above=-999 required=5 tests=[AWL=-0.457, BAYES_00=-2.599, DATE_IN_PAST_12_24=0.992, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CGd+MJJWyn2F for <karp@ietfa.amsl.com>; Mon, 26 Sep 2011 20:43:53 -0700 (PDT)
Received: from smtp.bbn.com (smtp.bbn.com [128.33.1.81]) by ietfa.amsl.com (Postfix) with ESMTP id 61A4521F8BBA for <karp@ietf.org>; Mon, 26 Sep 2011 20:43:53 -0700 (PDT)
Received: from dommiel.bbn.com ([192.1.122.15]:54132 helo=[10.5.7.5]) by smtp.bbn.com with esmtp (Exim 4.74 (FreeBSD)) (envelope-from <kent@bbn.com>) id 1R8Ocu-000Isd-Uu; Mon, 26 Sep 2011 23:46:37 -0400
Mime-Version: 1.0
Message-Id: <p06240800caa635de67ab@[10.112.135.100]>
In-Reply-To: <7C362EEF9C7896468B36C9B79200D8350D005289E6@INBANSXCHMBSA1.in.alcatel-luce nt.com>
References: <7C362EEF9C7896468B36C9B79200D8350D005289E6@INBANSXCHMBSA1.in.alcatel-luce nt.com>
Date: Mon, 26 Sep 2011 10:06:24 -0400
To: "Bhatia, Manav (Manav)" <manav.bhatia@alcatel-lucent.com>
From: Stephen Kent <kent@bbn.com>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Cc: karp@ietf.org
Subject: Re: [karp] FW: Stephen Farrell's Discuss on draft-ietf-karp-design-guide-04: (with DISCUSS and COMMENT)
X-BeenThere: karp@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Discussion list for key management for routing and transport protocols <karp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/karp>, <mailto:karp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/karp>
List-Post: <mailto:karp@ietf.org>
List-Help: <mailto:karp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/karp>, <mailto:karp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Sep 2011 03:43:54 -0000
> >NEW >Most importantly it provides fresh traffic keying material for each >session, thus helping to prevent inter-connection replay attacks. >Any fixed keystream output, generated from the same key and index >should only be used to encrypt once. Re-using such keystream >(jokingly called a 'two-time pad' system by cryptographers), can >seriously compromise security. The NSA's VENONA project [VENONA] >provides a historical example of such a compromise. Usually routing >protocols dont require encryption, however, if they do then using a >KMP avoids the two-time pad problem since packets from different >sessions are encrypted using distinct IVs, or, with distinct session >keys or both distinct IVs and session keys. This text is better. But, since we have no established requirement for encryption for these protocols, it's also needlessly chatty, with about 90% of the text focusing on an encryption-based rationale. I suggest deleting everything after the first sentence. Steve
- [karp] FW: Stephen Farrell's Discuss on draft-iet… Bhatia, Manav (Manav)
- Re: [karp] FW: Stephen Farrell's Discuss on draft… Stephen Kent
- Re: [karp] FW: Stephen Farrell's Discuss on draft… Manav Bhatia