[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Modular approach to key management f 11/04/94 14:51:15
Reference: Note sent to you on 4 November 1994, 15:33:54 EST
Ted,
I believe I misinterpreted part of your note when I replied to your
comments on the key management note that I posted last week
(remember, we are talking about a modular approach for key management,
where short-lived keys are derived from long-lived ("master") keys):
> That doesn't seem to be a good assumption. You could generate the
> short-lived keys from a public key exchange, or the communicating
> parties may have a long-term symmetric key which they both share with a
> trusted third party (Kerberos).
>
> As near as I can tell, you're proposing that if you use one of these
>schemes, such as Kerberos or X.509 public-key certificates, they be used
> only to establish a long-term shared secret key --- and that long-term
> secret key would only be used to establish short-term session keys.
> Is this a fair characterization?
>
> If so, it would seem that in some cases there will be a needless extra
> indirection in setting up the session key.
>
> - Ted
You're right, and the point is well-taken. As presented, the note
suggests two different types of exchange, as I guess
the main point was to emphasize the need for the two models,
and to separate the functional aspects of the two.
However, in our original proposal (a note posted a couple
of months back) we indicate how the two protocols can be combined to
obtain both a master key (the proposal example was from public key)
and a short-lived key in one shot.
Following our "gradual development of the standard" approach,
the relationship between the two modules requires thorough
consideration and a well-defined interface/API/etc.
We are looking at these issues right now, and hope to be able to
contribute something soon.
Regards,
Juan