Subject: Re: CVS commit: src/sys/netinet
To: Perry E. Metzger <>
From: Steven M. Bellovin <>
List: tech-crypto
Date: 09/06/2003 20:20:00
In message <>, "Perry E. Metzger" writes:
>David Laight <> writes:
>> - sequences where values are guaranteed not to be reproduced
>> - random values
>One way to do this is encrypting a counter with a 32 bit block cipher,
>but until a few minutes ago I was unaware of any. (Now I've learned of
>one on the cryptography mailing list.)

Right, but some uses for such things have stronger non-repitition 
requirements.  For example, the TCP initial sequence number shouldn't 
repeat for 2*maximum segment lifetime.  The IPid field shouldn't repeat 
for somewhat longer than the fragment lifetime on the receiving system.

		--Steve Bellovin,