> -----Original Message-----
> From: IPsec <[email protected]> On Behalf Of Tero Kivinen
> Sent: Wednesday, July 29, 2020 2:30 PM
> To: Michael Rossberg <[email protected]>
> Cc: Steffen Klassert <[email protected]>; [email protected]; Valery
>
> > Like written already: An unpredictable value of 32-bit size is of no
> > real value from a crypto point of view. One could simply guess the
> > value and have a realistic chance of being right after a couple of
> > thousand tries. I believe it is only in the standard, as with 64-bit
> > sequence numbers there were 32 bits left, needing to be filled.
>
> I think it came from the NIST documents where it was called fixed field. The
> idea was to make sure that even if someone accidentally used the same key twice
> for two different SAs, this will not cause issues, as that fixed field is
> going to be unique anyways.
No, RFC4106 (June 2005) predated 800-38D (November 2007) by over two years. Instead, it was inserted to harden the system against multitarget attacks, as I said earlier...

_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
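The fixed-field point raised in the quoted message (the same key accidentally used on two SAs), worked as an added Go example that is not part of the thread: it builds the RFC 4106 nonce as salt || IV and checks whether two SAs sharing a key also share GCM keystream for the same sequence number. The key, salts and payloads are constructed sample values, and Go's standard-library AES-GCM stands in for an ESP implementation.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

// rfc4106Nonce builds the 12-byte AES-GCM nonce of RFC 4106 ESP: the 4-byte salt
// (the "fixed field" from the keying material) then the 8-byte explicit IV (here the 64-bit sequence number).
func rfc4106Nonce(salt [4]byte, seq uint64) []byte {
	nonce := make([]byte, 12)
	copy(nonce, salt[:])
	binary.BigEndian.PutUint64(nonce[4:], seq)
	return nonce
}

// SharedKeystream models the accident discussed above: two SAs hold the same key and
// both send sequence number seq. It returns true when the ciphertexts XOR to the plaintext
// XOR, i.e. GCM's CTR core reused its keystream; distinct salts give distinct nonces, so false.
func SharedKeystream(key []byte, saltA, saltB [4]byte, seq uint64, ptA, ptB []byte) (bool, error) {
	if len(ptA) != len(ptB) {
		return false, fmt.Errorf("payloads must have equal length")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return false, err
	}
	aead, err := cipher.NewGCM(block) // standard 12-byte nonce, 16-byte tag
	if err != nil {
		return false, err
	}
	// Seal returns ciphertext||tag; drop the tag so only the CTR keystream effect is compared.
	ctA := aead.Seal(nil, rfc4106Nonce(saltA, seq), ptA, nil)[:len(ptA)]
	ctB := aead.Seal(nil, rfc4106Nonce(saltB, seq), ptB, nil)[:len(ptB)]
	for i := range ctA {
		if ctA[i]^ctB[i] != ptA[i]^ptB[i] {
			return false, nil
		}
	}
	return true, nil
}

func main() {
	key, salt := []byte("0123456789abcdef"), [4]byte{1, 2, 3, 4} // constructed sample values, not real SA material
	same, _ := SharedKeystream(key, salt, salt, 1, []byte("payload-A"), []byte("payload-B"))
	diff, _ := SharedKeystream(key, salt, [4]byte{9, 9, 9, 9}, 1, []byte("payload-A"), []byte("payload-B"))
	fmt.Println("same salt shares keystream:", same, "| distinct salts share keystream:", diff)
}
```

With equal salts the first packets of both SAs encrypt under an identical nonce and the XOR of the two ciphertexts equals the XOR of the payloads; with distinct salts it does not, which is the uniqueness guarantee the fixed field was argued to provide.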
