[prev in list] [next in list] [prev in thread] [next in thread]
List: ipsec
Subject: Re: Draft des-md5 v3
From: "James Hughes" <hughes () nsco ! network ! com>
Date: 1997-01-14 18:46:36
[Download RAW message or body]
> While implementing the DES-MD5 transform as of draft v3, i noticed
> that the algorithm that checks the replay counter window that's given
> would not work correctly with the draft's specification; the algorithm
> assumes that the initial value of the replay counter is 1 (or 0), but
> the draft has the counter initialized to some arbitrary value (an MD5
> result).
The counter must be "aliased" to 0 by subtracting the received value from
the initial value. Unsigned arithemetic works just fine for this.
jim
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic