[LinkSec] Preliminary view of header format
Here's a preliminary view:
SAID|IV|PAYLOAD|MIC
SAID = 4 bytes Security Association Identifier
IV = Initialization Vector, 4-16 bytes, depending on ciphersuite
PAYLOAD = variable length
MIC = Message Integrity Code, 8-16 bytes, depending on ciphersuite
The SAID could be compressed to a single octet if there is other implicit context
"lying around" that can uniquely identify this security association. It's not
clear to me that is possible across all technologies we're talking about here,
so making it 4 bytes (32-bits) would be consistent with 802.10, and IPSec.
Given the birthday paradox, I'm inclined to conservatism, and perhaps that
8-16 bytes for MIC should be 10-16 bytes. It would probably be prudent
to make a statement in each ciphersuite that negotiation of new keys
(and consequent SAID) should begin when 2**((N/2)-1) messages have been
transmitted under the current key, where N is the MIC size in bits.
--
----------------------------------------------------------------------
Marcus Leech Mail:
Advisor Phone: (ESN) 393-9145 +1 613 763 9145
Security Architecture and Planning Fax: (ESN) 393-2754 +1 613 763 2754
Nortel Networks mleech@nortelnetworks.com
-----------------Expressed opinions are my own, not my employer's------