[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Problem+fix in Zero Message Master Key update
Ashar and other ZKIP-interested IPSECers,
A small comment on Ashar's proposal in the foils presented in the last
IETF on master key update. Ashar proposed to use Kijn=g^n*i*j, where
n=1,2,3,....
A problem with this is that Kijn may sometimes be deduced from Kijl, where
l<n, e.g. Kij2=(kij1)^2.
It is simple to solve this (also more efficiently) by
Kijn=h(g^ij,n)
where h is our favorite one way hash (i.e. MD5...)
Best, Amir
References: