[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: representation of IKE DH shared secret

To: "Hilarie Orman" <HORMAN@novell.com>
Subject: Re: representation of IKE DH shared secret
From: Bill Sommerfeld <sommerfeld@orchard.arlington.ma.us>
Date: Wed, 21 Apr 1999 18:46:08 -0400
cc: ipsec@lists.tislabs.com
In-Reply-To: Message from "Hilarie Orman" <HORMAN@novell.com> of "Wed, 21 Apr 1999 15:02:25 MDT." <s71de888.014@prv-mail20.provo.novell.com>
Sender: owner-ipsec@lists.tislabs.com

> In the spirit of "less is more", I wonder what interest is served
> by specifying the representation of internal values?  You can
> represent g^xy as a decimal string if it is convenient for your
> hardware.

The shared secret g^xy is used in several places as input to a
pseudo-random function.  The prf's I'm familiar with (HMAC-SHA1,
HMAC-MD5) want a byte string as input.

For interoperability you need to agree on the exact sequence of bytes
fed into the prf; it's not a matter of what internal representation is
in use..

					- Bill

Prev by Date: Re: representation of IKE DH shared secret
Next by Date: Re: representation of IKE DH shared secret
Prev by thread: Re: representation of IKE DH shared secret
Next by thread: Re: representation of IKE DH shared secret
Index(es):
- Main
- Thread