> Pascal Van Leeuwen wrote:
> > I get the impression that
> > the IPsec payload can just be random garbage, i.e. it doesn't have to
> > decrypt to anything that makes sense and it doesn't have to
> > authenticate properly (to facilitate fast generation of such packets by
> > skipping actual cryptographic operations).
>
> The next header field is encrypted, so decryption must happen successfully
> before the dummy TFC packets can be recognized. Despite that, the RFC

You are correct, it's part of the encrypted IPsec padding. I was caught off-guard by the RFC's remarks on rapid discarding and payload besides the NH field not needing to be "well-formed".

> specifies that also authentication check is done before that. See RFC 4303,
> section 3.4: Inbound Packet Processing and section 3.4.4.1, step 4.

That makes sense if it's encrypted anyway ... guess I shouldn't have quickly read section 2.6 in isolation :-)

In any case, our current solutions would indeed properly decrypt and authenticate these dummy packets. Generation and discarding would need to be done externally.

Pascal
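
The inbound ordering discussed in this thread, as an added sketch that is not code from the thread or from any product mentioned in it: the receiver checks the ICV, decrypts, and only then can see Next Header 59, so a packet of unauthenticated random bytes is dropped as an ICV failure rather than recognized as a dummy. Assumptions: the function names are hypothetical, the cipher is a SHA-256 keystream stand-in rather than a real ESP transform, the ICV is HMAC-SHA-256 truncated to 128 bits, and SA lookup and anti-replay are omitted.

```python
import hashlib, hmac, os, struct

ICV_LEN = 16   # HMAC-SHA-256 truncated to 128 bits
NH_NONE = 59   # "no next header": marks a dummy TFC packet (RFC 4303, section 2.6)

def _keystream_xor(key, spi, seq, data):
    # Stand-in cipher for illustration only (assumption), NOT a real ESP transform.
    out = bytearray()
    for block in range((len(data) + 31) // 32):
        out += hashlib.sha256(key + struct.pack("!III", spi, seq, block)).digest()
    return bytes(a ^ b for a, b in zip(data, out))

def build_esp(enc_key, auth_key, spi, seq, payload, next_header):
    pad_len = -(len(payload) + 2) % 4            # align the ESP trailer to 4 bytes
    padding = bytes(range(1, pad_len + 1))       # default pad bytes 1, 2, 3, ...
    plain = payload + padding + bytes([pad_len, next_header])
    body = struct.pack("!II", spi, seq) + _keystream_xor(enc_key, spi, seq, plain)
    return body + hmac.new(auth_key, body, hashlib.sha256).digest()[:ICV_LEN]

def process_inbound(enc_key, auth_key, packet):
    """ICV check, then decrypt, then Next Header inspection."""
    if len(packet) < 8 + 2 + ICV_LEN:
        return ("drop-malformed", None)
    body, icv = packet[:-ICV_LEN], packet[-ICV_LEN:]
    expected = hmac.new(auth_key, body, hashlib.sha256).digest()[:ICV_LEN]
    if not hmac.compare_digest(icv, expected):
        return ("drop-icv-failure", None)        # reported as an error
    spi, seq = struct.unpack("!II", body[:8])
    plain = _keystream_xor(enc_key, spi, seq, body[8:])
    pad_len, next_header = plain[-2], plain[-1]
    if next_header == NH_NONE:
        return ("discard-dummy", None)           # discarded without an error
    if pad_len > len(plain) - 2:
        return ("drop-malformed", None)
    return ("deliver", plain[:len(plain) - 2 - pad_len])

if __name__ == "__main__":
    ek, ak = os.urandom(32), os.urandom(32)      # constructed sample keys
    print(process_inbound(ek, ak, build_esp(ek, ak, 0x1000, 1, b"hello", 6)))
    print(process_inbound(ek, ak, build_esp(ek, ak, 0x1000, 2, os.urandom(40), NH_NONE)))
    print(process_inbound(ek, ak, os.urandom(64)))   # garbage with no valid ICV
```

The dummy's payload is random bytes, yet it still has to be encrypted and authenticated under the SA to reach the Next Header check, which is why generating such packets cannot skip the cryptographic operations.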