[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: I-D ACTION: draft-cruickshank-ipdvb-sec-req-01.txt



Hi William,

The draft (draft-ppillai-ipdvb-sule-00.txt) that I submitted a few days back
(3rd May) was to look into how the different security requirements of data
confidentiality, data authentication, data integrity and replay attacks
prevention can be met by using a modified ULE SNDU. It is not intended to be a
?security requirement? draft. The reason why I have added the security
requirement section in my draft is because the security requirements draft
(draft-cruickshank-ipdvb-sec-req-00.txt) that was submitted a few months back
did not address all these security requirements.

The new revision of the security draft (draft-cruickshank-ipdvb-sec-req-01.txt)
submitted on the 9th of May now addresses the need for these different security
features.

I agree with you that there are performance issues when security overheads would
be added to ULE. But this is a price that one has to pay to get the security
services. It is a trade-off. Also there are several hardware accelerators
present that do enhance the performances of these security algorithms (both for
encryption and generation of MACs)

Regards
Prashant Pillai



Quoting William Stanislaus <williams@calsoft.co.in>:

> Hello,
> I'm a bit confused, sometime before we received similar draft from P.Pillai
> on the same area ( secure ULE).
> The security requirements discussed by "draft-ppillai-ipdvb-sule-00.txt" are
> already discussed in detail by "draft-cruickshank-ipdvb-sec-req-01.txt".
>
> In general, the DVB terminals are just a forwarders i.e. Forwards IP packets
> from DVB interface to Ethernet interface (DVB-S/DVB-RCS) and forwards IP
> packets from Ethernet interface to DVB interface (DVB-RCS). They don't do
> much packet processing, that makes the DVB terminal simple and cheaper in
> performance. I was wondering there was no discussion in these drafts about
> the performance issues by implementing these security encryptions and
> decryptions. In these drafts it was referred to IPSEC and its
> functionalities, but at the same time we should not forget the IPSEC
> performance degrades and hardware based accelerators
>
> Best Regards,
> William Stanislaus | Technical Consultant
> Nortel Networks Division | CalSoft
> email: williams@calsoft.co.in | Mobile: (+91) 98409 10581
> SkypeIn (VoIP): +1 (650) 515 3738
> www.californiasw.com
>
>
>
>
> > From: Gorry Fairhurst <gorry@erg.abdn.ac.uk>
> > Reply-To: <ipdvb@erg.abdn.ac.uk>
> > Date: Thu, 11 May 2006 10:23:24 +0100
> > To: "ipdvb@erg.abdn.ac.uk" <ipdvb@erg.abdn.ac.uk>
> > Conversation: I-D ACTION: draft-cruickshank-ipdvb-sec-req-01.txt
> > Subject: I-D ACTION: draft-cruickshank-ipdvb-sec-req-01.txt
> >
> >
> > A New Internet-Draft is available from the on-line Internet-Drafts
> > directories.
> >
> >
> >     Title        : Security requirements for the Unidirectional
> >                    Lightweight Encapsulation (ULE) protocol
> >     Author(s)    : H. Cruickshank, S. Iyengar, L. Duquerroy
> >     Filename     : draft-cruickshank-ipdvb-sec-req-01.txt
> >     Pages        : 13
> >     Date         : 2006-5-09
> >
> >
> >    This document provides a threat analysis and derives security
> >    requirements for MPEG-2 transmission links using the Unidirectional
> >    Lightweight Encapsulation (ULE). It also provides the motivation for
> >    ULE link level security. This work is intended as a work item of the
> >    ipdvb WG, and contributions are sought from the IETF on this topic.
> >
> >
> > A URL for this Internet-Draft is:
> > http://www.ietf.org/internet-drafts/draft-cruickshank-ipdvb-sec-req-01.txt
> >
> > Internet-Drafts are also available by anonymous FTP. Login with the
> username
> > "anonymous" and a password of your e-mail address. After logging in,
> > type "cd internet-drafts" and then
> >     "get draft-cruickshank-ipdvb-sec-req-01.txt".
> >
> > A list of Internet-Drafts directories can be found in
> > http://www.ietf.org/shadow.html
> > or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
> >
> >
> > Best wishes,
> >
> > G Fairhurst
> > (ipdvb WG Chair)
> >
> >
> >
>
>
>


-- 
Prashant Pillai
Research Assistant
School of Engineering, Design and Technology
University of Bradford
Bradford, BD7 1DP
West Yorkshire
United Kingdom
Phone: 0044-1274-233720
email: p.pillai@bradford.ac.uk
------------------------------------------------------------
This mail sent through IMP: http://webmail.brad.ac.uk
To report misuse from this email address forward the message
and full headers to misuse@bradford.ac.uk
------------------------------------------------------------