May 2002 Dave Smith – The New Hewlett Packard Slide 1 doc.: IEEE 802.11-02/319r0 Submission
AES Modes Dave Smith The New Hewlett Packard Company 8000 Foothills.


1 AES Modes
Dave Smith
The New Hewlett Packard Company
8000 Foothills Blvd. Roseville, CA (916)

2 The paramount objectives for 802.11i are:
– Trustworthy and reliable security.
– Open and free deployability.
– Earliest possible definition.
802.11 already has a black eye.
– Many customers now have no choice but to turn to VPN solutions for adequate security.
The security has got to be right in the next draft. Having to go back to the drawing board a third time would likely result in the majority of users staying with VPN forever.

3 OCB is relatively new and untried.
In the OCB authors' own words: "We have found schemes of this sort to be amazingly 'fragile' -- tweak them a little and they break."
History would indicate that the security of OCB is not without some risk.
OCB in time may turn out to be both superior to and as secure as CBC-MAC. At present, however, there is not unanimity among security and cryptography experts that it is risk free.

4 OCB offers no compelling performance advantage at 802.11 speeds.
– At gigabit speeds, rather than 802.11 speeds, the performance advantage of OCB would be a more important factor.
Even if implemented in software, and if 802.11 could be driven continuously at full speed (which it can't), less than 3% of a McKinley would be used for CBC-MAC, vs less than 1.7% for OCB.
In hardware, where the authentication-encryption almost always will be done, the encryption hardware probably has a duty cycle of less than five percent.

5 Key management protocols probably will take the longest time to define.
– Key management always has been a more difficult and lengthy problem than cryptographic mode-of-operation protocols.

6 The New HP supports CBC-MAC.
– A CBC-MAC choice is unlikely to lengthen the schedule critical path.
In HP's view, the security risks attendant to an OCB choice conflict with the paramount objectives. There is no reason or need to take these risks.

