> -----Original Message-----
> From: IPsec <ipsec-boun...@ietf.org> On Behalf Of Tero Kivinen
> Sent: Wednesday, July 29, 2020 2:30 PM
> To: Michael Rossberg <michael.rossb...@tu-ilmenau.de>
> Cc: Steffen Klassert <steffen.klass...@secunet.com>; ipsec@ietf.org; Valery
>
> > Like written already: An unpredictable value of 32-bit size is of no
> > real value from a crypto point of view. One could simply guess the
> > value and have a realistic chance of being right after a couple of
> > thousand tries. I believe it is only in the standard, as with 64-bit
> > sequence numbers there were 32 bits left; needing to be filled.
>
> I think it came from the NIST documents where it was called fixed field. The
> idea was to make sure that even if someone accidentally used the same key twice
> for two different SAs, this will not cause issues, as that fixed field is
> going to be unique anyways.
No, RFC4106 (June 2005) predated 800-38D (November 2007) by over two years. Instead, it was inserted to harden the system against multitarget attacks, as I said earlier...

_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
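The thread is about the 32-bit salt that RFC 4106 prepends to the 64-bit per-packet IV to form the 96-bit AES-GCM nonce for ESP. The following Go program is an added illustration written for this archive page; it is not code from the thread, from any of the posters, or from any IPsec implementation. It assumes the Go standard library's `crypto/cipher` GCM (12-byte nonce, 16-byte ICV), uses a packet counter as the 64-bit IV (RFC 4106 only requires the IV to be unique; a counter is the common choice), and uses a constructed all-zero test key and constructed ESP-header bytes as AAD. It shows the nonce layout, that two SAs which accidentally share a key but carry different salts still produce different ciphertexts, and what goes wrong when salt and IV are both reused under one key (the keystream repeats, so the XOR of two ciphertexts equals the XOR of the two plaintexts), which is the failure the "fixed field" argument in the quoted message is about.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

// Nonce layout per RFC 4106, section 3.1:
//   salt (4 bytes, fixed for the SA's lifetime) || IV (8 bytes, unique per packet)
const (
	saltLen  = 4
	ivLen    = 8
	nonceLen = saltLen + ivLen // 12 bytes, the GCM default
)

// buildNonce concatenates the SA's 32-bit salt with the 64-bit per-packet IV.
// The IV is a big-endian packet counter here (assumption: a counter is used).
func buildNonce(salt [saltLen]byte, iv uint64) []byte {
	nonce := make([]byte, nonceLen)
	copy(nonce[:saltLen], salt[:])
	binary.BigEndian.PutUint64(nonce[saltLen:], iv)
	return nonce
}

// sealESP encrypts payload under key with the RFC 4106 nonce layout, binding
// the (unencrypted) ESP header bytes as AAD. Returns ciphertext || 16-byte ICV.
func sealESP(key []byte, salt [saltLen]byte, iv uint64, aad, payload []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block) // 12-byte nonce, 16-byte tag
	if err != nil {
		return nil, err
	}
	return gcm.Seal(nil, buildNonce(salt, iv), payload, aad), nil
}

// nonceCollision reports whether two (salt, iv) pairs yield the same nonce.
// Under one key, a collision means the GCM keystream repeats; a distinct salt
// per SA makes this impossible even if the same key is configured twice.
func nonceCollision(saltA [saltLen]byte, ivA uint64, saltB [saltLen]byte, ivB uint64) bool {
	return bytes.Equal(buildNonce(saltA, ivA), buildNonce(saltB, ivB))
}

// xorBytes returns a XOR b over their common prefix; used to show that with a
// repeated nonce, ctA XOR ctB == ptA XOR ptB (the CTR keystream cancels out).
func xorBytes(a, b []byte) []byte {
	n := len(a)
	if len(b) < n {
		n = len(b)
	}
	out := make([]byte, n)
	for i := range out {
		out[i] = a[i] ^ b[i]
	}
	return out
}

func main() {
	key := make([]byte, 16)                   // constructed all-zero test key
	saltA := [saltLen]byte{0xde, 0xad, 0xbe, 0xef} // constructed salt for SA "A"
	saltB := [saltLen]byte{0x01, 0x02, 0x03, 0x04} // constructed salt for SA "B"
	aad := []byte{0, 0, 0, 1, 0, 0, 0, 1}     // constructed SPI || sequence number
	pt := []byte("hello ipsec")

	ctA, _ := sealESP(key, saltA, 1, aad, pt)
	ctB, _ := sealESP(key, saltB, 1, aad, pt)
	fmt.Printf("nonce A: %x\nnonce B: %x\n", buildNonce(saltA, 1), buildNonce(saltB, 1))
	fmt.Printf("same key, same IV, different salt -> ciphertexts differ: %v\n", !bytes.Equal(ctA, ctB))

	// Same key, same salt, same IV: keystream reuse leaks the plaintext XOR.
	pt2 := []byte("HELLO IPSEC")
	ctA2, _ := sealESP(key, saltA, 1, aad, pt2)
	leak := xorBytes(ctA[:len(pt)], ctA2[:len(pt2)])
	fmt.Printf("nonce reused -> ct XOR equals pt XOR: %v\n", bytes.Equal(leak, xorBytes(pt, pt2)))
}
```

Run it with `go run`; the deterministic nonce means every encryption of the same packet counter under the same SA yields the same bytes, which is exactly why the counter must never wrap and why the salt must differ between SAs that could end up with the same key.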