John S. Denker wrote:
On 06/19/2003 01:49 PM, martin f krafft wrote:
 > As far as I can tell, IPsec's ESP has the functionality of
 > authentication and integrity built in:

It depends on what you mean by "built in".
 1) The RFC provides for ESP+authentication but
does not require ESP to use authentication.
 2) Although the RFC allows ESP without
authentication, typical implementations are
less flexible.  In FreeS/WAN for instance, if
you ask for ESP will get ESP+AH.

ESP without authentication may be vulnerable to
replay attacks and/or active attacks that tamper
with the bits in transit.  The degree of vulnerability
depends on details (type of chaining, higher-level
properties of payload, ...).

There's some discussion and links in the FreeS/WAN docs:

--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to