|Main Archive Page > Month Archives > ipsec archives|
>I would also like to take the occasion to say that we have made some
>efforts to extend the Traffic Flow Confidentiality capabilities of
>IPsec. In our research we were trying to create a separate TFC
>security protocol, which goes beyond the limited TFC capabilities
>that were already included in ESPv3. We have included support for
>size modifications such as padding (with explicit payload size
>information), fragmentation and aggregation. It also supports packet
>re-timing, as well as dummy generation and discarding. Finally, the
>choice of the masking algorithm combining one or more of these basic
>tools is handled separately.
Since 4303 already provides for arbitrary padding, and efficient dummy packet generation and discarding, presumably the additional features to which you refer are a management interface to control these extant features, plus packet re-timing and the fragmentation and aggregation features that help optimize channel bandwidth?