Timeline for How often ciphers are used through an IPSEC session
Current License: CC BY-SA 3.0
6 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Oct 7, 2021 at 7:34 | history | edited | CommunityBot | replaced https://tools.ietf.org/html/rfc with https://www.rfc-editor.org/rfc/rfc | |
| Feb 1, 2018 at 3:42 | comment | added | forest | @Louis HMAC is not designed to mitigate DoS. They're designed to address the issue of ciphertext malleability, where an attacker that doesn't know the key may be able to modify the ciphertext such that it will decrypt into plaintext in predictable ways. An HMAC allows the endpoint to know for sure that only a party with access to the encryption key will be able to create or modify a valid HMACed payload. | |
| Feb 1, 2018 at 3:20 | comment | added | forest | @Louis An HMAC is not necessarily less computationally intensive. The hashing speed of a hash and the encryption/decryption speed of a cipher are often quite similar. Also, some types of HMAC implementations require decrypting before hashing. The Encrypt-Then-MAC construction first encrypts the payload, then MACs it. The MAC-Then-Encrypt construction first MACs the plaintext, then encrypts it, so verifying the payload requires decrypting it and running a hash over it. Not to mention, it's easier to optimize ciphers than hashes (cached round keys, etc). HMACs are fast, but not that fast. | |
| Feb 1, 2018 at 0:38 | comment | added | Louis | Thanks, Indeed I overlooked HMACs. I assume that verifying a HMAC is less computationally intensive than de-crypting the payload (which we have to do at some point) and verifying a checksum (only somebody with the private key could build such payload). The reason why we use HMAC instead is to mitigate DDOS attacks? | |
| Feb 1, 2018 at 0:27 | vote | accept | Louis | ||
| Jan 31, 2018 at 17:12 | history | answered | ecdsa | CC BY-SA 3.0 |