[strongSwan] Why "IV" is sent in null encrypted ESP packet
Shashidhar Patil
shashi_patil77 at yahoo.com
Sun Jun 23 10:37:40 CEST 2013
Hi,
When I cpature the null encrypted ESP packet (HMAC-sha1 is used for authentication), I observed
"Initialization vector" of 8 bytes size in the ESP header.
I was under the impression that IV is not needed for null encrypted packets.
And the HMAC and sha-1 hashing algorithms won't need any IV.
correct me if I'm wrong.
Could you please explain the reason for this ?
configuration used in ipsec.conf for this was "esp=null-sha1".
Best Regards,
______________
Shashidhar Patil
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20130623/257a2d9c/attachment.html>
More information about the Users
mailing list