Channel Protocol: Security

• Design based on IPsec

• Cryptographic security mode:

• • Encrypt-then-MAC + replay protection [IPsec]

• TCP-grade security mode:

• • No encryption
  • MAC = 32-bit checksum + 32-bit “key”
  • • depends on system time [Tomlinson], secret data [Bellovin]
    • stronger protection than TCP: “validity window” size = 1