On Oct 27, 2022, at 08:40, Paul Ponchon (pponchon)
<pponchon=40cisco....@dmarc.ietf.org> wrote:
>
> Is this requirement only based on not reusing the same IV on different cores
> or is there an additional factor I missed?
For AES-GCM there is a max of 2^32 operations per private key as well.
>
> We are currently facing some scalability issues with using multiple Child
> SAs and we think it is possible to reuse the same keymat on all the per cpu
> SAs.
On 100 Gbps links the counter is already super low; splitting the IV space
further wouldn’t work well, I think.
> And we would also ensure that the keymat is used in a FIPS compliant manner.
How would you keep track of the 2^32 max operations (this happens in minutes on
100 Gbps links)?
> Would there be any other concerns in reusing the same keymat between
> multiple SAs?
See above, but also, right now userland pushes keys and wipes them. Anything that
needs to remember private IPsec keys in userland would be undesirable.
Paul
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec