Javascript disabled? Like other modern websites, the IETF Datatracker relies on Javascript. Please enable Javascript for full functionality.

Implicit IV for Counter-based Ciphers in IPsec
draft-mglt-ipsecme-implicit-iv-02

Versions:

This document is an Internet-Draft (I-D). Anyone may submit an I-D to the IETF. This I-D is not endorsed by the IETF and has no formal standing in the IETF standards process.

The information below is for an old version of the document.

Document	Type	This is an older version of an Internet-Draft whose latest revision state is "Replaced". Expired & archived
	Authors	Daniel Migault , Tobias Guggemos , Yoav Nir
	Last updated	2017-05-18 (Latest revision 2016-11-14)
	Replaced by	draft-ietf-ipsecme-implicit-iv, RFC 8750
	RFC stream	Internet Engineering Task Force (IETF)
	Formats	txt xml htmlized bibtex bibxml
	Additional resources	Mailing list discussion
Stream	WG state	Call For Adoption By WG Issued
	Document shepherd	(None)
IESG	IESG state	Expired
	Consensus boilerplate	Unknown
	Telechat date	(None)
	Responsible AD	(None)
	Send notices to	(None)

Email authors Email WG IPR References Referenced by Nits Search email archive

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:

txt xml htmlized bibtex bibxml

Abstract

IPsec ESP sends an initialization vector (IV) or nonce in each packet, adding 8 or 16 octets. Some algorithms such as AES-GCM, AES- CCM, AES-CTR and ChaCha20-Poly1305 require a unique nonce but do not require an unpredictable nonce. When using such algorithms the packet counter value can be used to generate a nonce, saving 8 octets per packet. This document describes how to do this.

Authors

Daniel Migault
Tobias Guggemos
Yoav Nir

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)

Implicit IV for Counter-based Ciphers in IPsec draft-mglt-ipsecme-implicit-iv-02

Implicit IV for Counter-based Ciphers in IPsec
draft-mglt-ipsecme-implicit-iv-02