Hi There
This is dependent on what level the encryption is being done.
The IPSEC specifications require that a IPSEC packet MUST be
deciphered on a packet by packet basis. (That is assuming you
have a WHOLE packet. IP fragments must be reconstructed first).
Any IV needed to decrypt are included as part of the IPSEC
payload.
If your using session/application encryption (SSH, SSL/TLS, PGP,
S/MIME) then you need to work at the application level to decrypt.
Personal Opinions Provided By
Leonard Miyata
aka [EMAIL PROTECTED]
On Thu, 23 Sep 1999, Robert L. Moore wrote:
> Folks:
>
> OK, ok, so this isn't *exactly* a firewall question,
> but it is closely related! I understand most encryption
> algorithms that IPsec and protocols use, but I have a very
> specific question that I can't quite find in any
> article/book
> that I've purused on the subject....
>
> If you look at any given packet's payload and you have
> the proper keys, can you decipher the payload of this
> specific
> packet...or do you need some other portion of the encrypted
> stream? That is, can I decrypt on the fly on a
> packet-by-packet
> basis or do I need to keep track of the session and
> accumulate
> some portion (or all) of the application data before
> decrypting?
> (I'm talking here about Ethernet packets, but I guess that
> doesn't
> really matter).
>
> Robert
>
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
