
Re: Shared Secret mismatch in AM3/MM5



On Thu, Oct 28, 1999 at 05:58:29PM +0000, Ricky Charlet wrote:
> Why is SKEYID defined that way? What were the
> motivators? And specifically why is SKEYID not some direct derivation of
> g^xy in all cases? Are there pointers to reference material?

Please read the mailing list archive; reference material is:
 Message-Id: <199703250446.XAA49412@mailhub1.watson.ibm.com>
 Message-Id: <199709290728.KAA23246@ee.technion.ac.il>
 Content-ID: <11917.901560442.1@cisco.com>
 Message-ID: <Pine.SOL.3.93.980818120151.21486F-100000@ee.technion.ac.il>

In <11917.901560442.1@cisco.com> Daniel Harkins wrote:

> Hugo Krawczyk (a cryptographer) suggested the -02 to -03 key derivation
> changes. His rationale was to _directly_ authenticate SKEYID. Therefore
> information known only to the peers should be included in the computation.
> For the encrypted nonce method of authentication, including the plain-text
> nonces in SKEYID satisfies this; in pre-shared key authentication, including
> the pre-shared key in SKEYID satisfies this. Signature based authentication
> does not have anything known only to the peers and Hugo said that it is
> weaker because of it.

-markus
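
The three SKEYID derivations as RFC 2409 defines them, as an added example that is not part of the original message. HMAC-SHA1 as the prf, the function names, and every sample value below are assumptions constructed for illustration.

```python
import hashlib
import hmac

def prf(key: bytes, msg: bytes) -> bytes:
    # Assumption: the negotiated prf is HMAC-SHA1.
    return hmac.new(key, msg, hashlib.sha1).digest()

def skeyid(method, ni, nr, g_xy, cky_i, cky_r, psk=b""):
    """SKEYID per authentication method (RFC 2409, section 5)."""
    if method == "psk":     # peers-only input: the pre-shared key
        return prf(psk, ni + nr)
    if method == "pubkey":  # peers-only input: nonces that were sent encrypted
        return prf(hashlib.sha1(ni + nr).digest(), cky_i + cky_r)
    if method == "sig":     # nonces are sent in the clear; no prior secret is mixed in
        return prf(ni + nr, g_xy)
    raise ValueError(f"unknown authentication method: {method}")

def derive(skeyid_, g_xy, cky_i, cky_r):
    """SKEYID_d, SKEYID_a, SKEYID_e, all keyed by SKEYID."""
    tail = g_xy + cky_i + cky_r
    d = prf(skeyid_, tail + b"\x00")
    a = prf(skeyid_, d + tail + b"\x01")
    e = prf(skeyid_, a + tail + b"\x02")
    return d, a, e

# Constructed sample values, not taken from any real exchange.
NI = bytes.fromhex("00112233445566778899aabbccddeeff")
NR = bytes.fromhex("ffeeddccbbaa99887766554433221100")
G_XY = hashlib.sha1(b"constructed stand-in for g^xy").digest() * 4
CKY_I = bytes.fromhex("0102030405060708")
CKY_R = bytes.fromhex("1112131415161718")

def psk_mismatch(psk_initiator: bytes, psk_responder: bytes) -> bool:
    """True when both peers hold the same g^xy yet end up with different SKEYID_e."""
    e_i = derive(skeyid("psk", NI, NR, G_XY, CKY_I, CKY_R, psk_initiator),
                 G_XY, CKY_I, CKY_R)[2]
    e_r = derive(skeyid("psk", NI, NR, G_XY, CKY_I, CKY_R, psk_responder),
                 G_XY, CKY_I, CKY_R)[2]
    return e_i != e_r

if __name__ == "__main__":
    for m in ("psk", "pubkey", "sig"):
        print(m, skeyid(m, NI, NR, G_XY, CKY_I, CKY_R, b"constructed-psk").hex())
    print("mismatched PSK diverges:", psk_mismatch(b"secret-A", b"secret-B"))
```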