[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: On shared keys

To: IPsec WG <ipsec@lists.tislabs.com>
Subject: Re: On shared keys
From: Arne Ansper <arne@ats.cyber.ee>
Date: Thu, 29 Nov 2001 21:48:04 +0200 (Israel Standard Time)
In-Reply-To: <sjmd721qtiz.fsf@benjamin.ihtfp.org>
Sender: owner-ipsec@lists.tislabs.com



> In essence, you take the pre-shared secret, create a PRNG out of
> the secret using a hash function, and then use a determining
> RSA keypair generator to create the keypair.  Both communicating
> hosts use the same pre-shared secret, and thus end up with the
> same RSA keypair.

in order to end up with the same RSA key on both sides you must
standardize both PRNG and RSA keypair generator. and if one of the
implementations improves it's primality checks then you might have
interoprability problems.

arne

Follow-Ups:

Re: On shared keys

From: Sami Vaarala <sami.vaarala@netseal.com>

References:

Re: On shared keys

From: Derek Atkins <warlord@mit.edu>

Prev by Date: Re: Just Fast Keying (JFK) draft
Next by Date: Re: On shared keys (was RE: SOI: identity protection and DOS)
Prev by thread: Re: On shared keys
Next by thread: Re: On shared keys
Index(es):
- Main
- Thread