Hi,
The RFC 4106 "The Use of Galois/Counter Mode (GCM) in IPsec
Encapsulating Security Payload (ESP)" doesn't explicitly state
how are ESN octets distributed in the AAD.
Given that SPI and low-order 32 bits are coming from the actual
packet and most likely occupy one cache line, I'd expect AAD to
look like this to exploit cache locality and simplify processing:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| SPI |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Low-order 32 bits (part of the packet) |
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
| High-order 32 bits (external memory buffer) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Could you please confirm or disconfirm this observation.
Thanks in advance,
Mike
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
