Re: risks of MACs associated with packets
smb@research.att.com Mon, 30 January 1995 21:14 UTC
Message-Id: <199501302058.AA37302@interlock.ans.net>
Sender: ietf-archive-request@IETF.CNRI.Reston.VA.US
From: smb@research.att.com
To: Derrell Piper <PIPER@bilbo.tgv.com>
Cc: ipsec@ans.net
Subject: Re: risks of MACs associated with packets
Date: Mon, 30 Jan 1995 15:41:21 -0500
> I also think the authentication info should be outside of the ESP so that bogus packets can be detected without having to decrypt the whole packet...

I don't think this makes much difference. While MD5 and the like are cheaper than DES, they're not that much cheaper. Philosophically, a denial of service attack can occur when it's cheaper for your enemy to send messages than it is for you to process them. But in this case, the enemy's transmission process is very cheap: a random packet generator. That's true whether the verification is done by decryption or by MD5. In either case, your machine will take a tremendous hit.
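As an added illustration (not part of the original message or of the IPsec drafts it discusses): a receive path with the authenticator placed outside the ESP body, so bogus packets are rejected before any decryption, together with a tally of how much hashing the receiver still spends on a stream of random packets. Assumptions: a prefix/suffix keyed MD5 as the authenticator and an MD5-keystream XOR as a toy stand-in for DES, both constructed here for the demonstration.

```python
import hashlib
import hmac
import os
import struct

# Constructed sample keys (assumption: 16-byte keys for both services).
AUTH_KEY = b"\x01" * 16
ENC_KEY = b"\x02" * 16
DIGEST_LEN = 16  # MD5 output size

def keyed_md5(key: bytes, data: bytes) -> bytes:
    """Prefix+suffix keyed MD5, the 1995-era style of authenticator (assumption;
    modern code would use HMAC)."""
    return hashlib.md5(key + data + key).digest()

def toy_cipher(key: bytes, data: bytes) -> bytes:
    """Toy stand-in for the ESP cipher (DES in the discussion): XOR with an
    MD5-derived keystream. Same function encrypts and decrypts."""
    out = bytearray()
    for off in range(0, len(data), DIGEST_LEN):
        ks = hashlib.md5(key + struct.pack(">I", off // DIGEST_LEN)).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + DIGEST_LEN], ks))
    return bytes(out)

def build_packet(plaintext: bytes) -> bytes:
    """Layout: [ESP body][auth tag]; the tag covers the ciphertext only,
    so a receiver can check it without decrypting first."""
    body = toy_cipher(ENC_KEY, plaintext)
    return body + keyed_md5(AUTH_KEY, body)

class Receiver:
    """Verify-then-decrypt path that tallies the work done per packet."""
    def __init__(self):
        self.bytes_hashed = 0
        self.bytes_decrypted = 0

    def receive(self, packet: bytes):
        body, tag = packet[:-DIGEST_LEN], packet[-DIGEST_LEN:]
        self.bytes_hashed += len(body) + 2 * len(AUTH_KEY)
        if not hmac.compare_digest(keyed_md5(AUTH_KEY, body), tag):
            return None  # rejected before any decryption work
        self.bytes_decrypted += len(body)
        return toy_cipher(ENC_KEY, body)

def flood_cost(n_bogus: int, size: int = 1500):
    """Feed n random packets (the 'random packet generator') to a receiver
    and return (bytes hashed, bytes decrypted): every bogus packet is still
    hashed in full even though none is decrypted."""
    rx = Receiver()
    for _ in range(n_bogus):
        rx.receive(os.urandom(size))
    return rx.bytes_hashed, rx.bytes_decrypted
```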