[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Slicing and Dicing in new-esp

To: sommerfeld@apollo.hp.com
Subject: Re: Slicing and Dicing in new-esp
From: ho@earth.hpc.org (Hilarie Orman)
Date: Fri, 11 Apr 1997 10:41:31 -0400
Cc: ipsec@tis.com
In-reply-to: Yourmessage <199704102326.QAA09456@baskerville.CS.Arizona.EDU>
Sender: owner-ipsec@ex.tis.com

The discussion seems to cover only slicing the key blob, not
inflating.  If the key blob is shorter than the total key length
needed by the transform algorithms, then it must be inflated, and the
inflation should be done on the total key blob, not slices of it.

E.g., integrity needs 160 bits of key, encryption needs 112, the key blob
is 200 bits.  I've recommended using something like

K' = hash(K,0) | hash(K,1)

as the inflated key blob, and then 160 and 112 can be sliced from  K',
assuming that the output of the hash function is large enough.  And the
hash function is the one used for the key negotiation.

BTW, it's not obvious to me that having encryption and integrity use
the same key blob is so very awful.

Hilarie

Follow-Ups:

Re: Slicing and Dicing in new-esp

From: Bill Sommerfeld <sommerfeld@apollo.hp.com>

Re: Slicing and Dicing in new-esp

From: Michael Richardson <mcr@sandelman.ottawa.on.ca>

Prev by Date: Re: IPSec MIB
Next by Date: isakmp doubts
Prev by thread: Re: Slicing and Dicing in new-esp
Next by thread: Re: Slicing and Dicing in new-esp
Index(es):
- Main
- Thread