[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Problem+fix in Zero Message Master Key update

To: ashar@osmosys.incog.com (Ashar Aziz)
Subject: Problem+fix in Zero Message Master Key update
From: " " <amir@watson.ibm.com>
Date: Tue, 03 Jan 1995 16:47:14 -0500
Cc: amir@watson.ibm.com, ipsec@ans.net
In-Reply-To: Your message of "Tue, 03 Jan 1995 12:24:02 PST." <9501032024.AA09857@miraj.>


Ashar and other ZKIP-interested IPSECers,

A small comment on Ashar's proposal in the foils presented in the last
IETF on master key update. Ashar proposed to use Kijn=g^n*i*j, where
n=1,2,3,....

A problem with this is that Kijn may sometimes be deduced from Kijl, where
l<n, e.g. Kij2=(kij1)^2.

It is simple to solve this (also more efficiently) by

Kijn=h(g^ij,n)

where h is our favorite one way hash (i.e. MD5...)

Best, Amir

References:

Re: Proposal: Perfect forward secrecy (on SKIP)

From: ashar@osmosys.incog.com (Ashar Aziz)

Prev by Date: Re: Proposal: Perfect forward SECURITY
Next by Date: Re: Proposal: Perfect forward SECURITY
Prev by thread: Re: Proposal: Perfect forward SECURITY
Next by thread: Re: Problem+fix in Zero Message Master Key update
Index(es):
- Main
- Thread