[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: deriving keying material from the shared secret

To: karn@qualcomm.com
Subject: Re: deriving keying material from the shared secret
From: Uri Blumenthal <uri@watson.ibm.com>
Date: Tue, 9 Jul 1996 11:10:59 -0400 (EDT)
Cc: ipsec@TIS.COM
In-Reply-To: <199607090459.VAA14902@unix.ka9q.ampr.org> from "Phil Karn" at Jul 8, 96 09:59:44 pm
Reply-To: uri@watson.ibm.com
Sender: ipsec-approval@neptune.tis.com

Phil Karn says:
> How critical is the particular hash method used to produce the key
> from the shared secret?

Cannot answer this one - but hash should be stronger than the algorithm(s)
that use the derived key, and hopefully enjoy the same level of trust...

> Too critical to just specify a particular hash
> method for fear that it might become compromised (e.g., MD5)?

I'd say - yes... Plus, it seems to me that there's little benefit
in narrowing the choices down to "one hash function for all"...
-- 
Regards,
Uri		uri@watson.ibm.com
-=-=-=-=-=-=-
<Disclaimer>

References:

Re: deriving keying material from the shared secret

From: Phil Karn <karn@unix.ka9q.ampr.org>

Prev by Date: Re: deriving keying material from the shared secret
Next by Date: Re: Authentication using ESP in Transport Mode
Prev by thread: Re: deriving keying material from the shared secret
Next by thread: Re: deriving keying material from the shared secret
Index(es):
- Main
- Thread