A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : IPsec anti-replay algorithm without bit-shifting
Author(s) : Xiangyang Zhang
Tina Tsou
Filename : draft-zhang-ipsecme-anti-replay-01.txt
Pages : 10
Date : 2011-06-09
This document presents a new method to do anti-replay check and
update, which becomes one alternative to the anti-replay
algorithm in RFC 4302 and RFC 4303. The new method will deem the
bit-shifting unnecessary. It will reduce the number of times
to slide the window. In addition, it makes bit-check and
bit-update easier as it does not depend on the low index of the
sliding window. It is especially beneficial when the window size
is much bigger than 64 bits, for example, 1024 bits.
IPsec employs one anti-replay sliding window protocol to secure
against an adversary that can insert the messages inside the
network tunnel. This method still inherits the sliding window
protocol, but use one or more redundant bytes to ease the update
of sliding window. The bit-shifting is deemed unnecessary with
updating the high and low index of the window, which is especially
efficient in case of the big window size. Thus the method reduces
the number of times to update the window.
In addition, the bit location is fixed for one sequence number,
thus makes the bit check and update easier and faster.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-zhang-ipsecme-anti-replay-01.txt
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
This Internet-Draft can be retrieved at:
ftp://ftp.ietf.org/internet-drafts/draft-zhang-ipsecme-anti-replay-01.txt
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
