| crypto algorithms for DTLS | <– Date –> <– Thread –> |
From: Abhijit Choudhury (abhijit10425 yahoo.com)
|
|
| Date: Fri, 22 Dec 2006 11:36:32 -0800 (PST) | |
Folks,
The current draft mentions the following
o TLS_RSA_WITH_AES_128_CBC_SHA
o TLS_RSA_WITH_3DES_EDE_CBC_SHA
mandatory modes for DTLS in CAPWAP. There was
some discussion in the past about the
shortcomings of 3DES when used for DTLS in
CAPWAP. That would leave AES_128_CBC_SHA
as the leading candidate for use in DTLS for
as the leading candidate for use in DTLS for
CAPWAP.
I would propose adding AES-GCM (with GMAC) as
a mandatory mode. This is already supported in
IPSec (RFC 4106) and also in 802.1ae. This
algorithm provides significant performance
improvement in both hardware and software
implementations. (see http://eprint.iacr.org/2004/193.pdf)
When we move to 802.11n, the aggregation of traffic
from many 11n APs at the AC will imply that
we will need crypto algorithms with high
throughput. Supporting AES-GCM would help.
Comments ?
Regards,
Abhijit
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
-
crypto algorithms for DTLS Abhijit Choudhury, December 22 2006
-
Re: crypto algorithms for DTLS Charles Clancy, December 22 2006
- Re: crypto algorithms for DTLS Eric Rescorla, December 22 2006
-
crypto algorithms for DTLS Abhijit Choudhury (achoudhu), July 8 2008
- Re: crypto algorithms for DTLS Scott Kelly, July 8 2008
-
Re: crypto algorithms for DTLS Charles Clancy, December 22 2006
Results generated by Tiger Technologies using MHonArc.