On Thu, 9 Jun 2016, Daniel Migault wrote:
Please find our new proposal with ESP using implicit IV [1]. We would like to present and discuss it at the next IETF meeting.
I must understand it wrong... Aren't these IVs different per ESP packet? And unrelated to IKE values? How do both parties calculate the IV if it is not send as part of the packet?
From what I understand, only part of that comes from IKE (aka the salt
values that are taken from the IKE KEYMAT). As far as I understand, it still needs to be unpredictable? If this IV somehow comes from IKE, it might be very tricky for FIPS certifications, because the security of the ESP IV then depends on the IKE userland. Paul _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
