[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: deriving keying material from the shared secret
Phil Karn says:
> How critical is the particular hash method used to produce the key
> from the shared secret?
Cannot answer this one - but hash should be stronger than the algorithm(s)
that use the derived key, and hopefully enjoy the same level of trust...
> Too critical to just specify a particular hash
> method for fear that it might become compromised (e.g., MD5)?
I'd say - yes... Plus, it seems to me that there's little benefit
in narrowing the choices down to "one hash function for all"...
--
Regards,
Uri uri@watson.ibm.com
-=-=-=-=-=-=-
<Disclaimer>
References: