[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

compare-jfk-sigma.txt



Several people asked me in personal emails about my opinion of JFK,
so after writing enough personal responses I decided to compile the
issues in one document and make it public. It is too long to send 
in an email message (450 lines of text) so I am posting it in the web
http://www.ee.technion.ac.il/~hugo/compare-jfk-sigma.txt
for whoever is interested in the subject.

In this document I comment on the design of JFK with special 
emphasis on its core security and performance aspects.  In addition 
I offer a comparison with SIGMA.  Much of the comparison will 
be relevant to IKEv2, once this protocol adopts the "signed prf" 
cryptographic design of SIGMA.

There are four parts to the document:

A. Background on secure key exchange protocols
B. Weaknesses of JFK and comparison to SIGMA
C. Number of messages and communication latency
D. Specification and implementation complexity

While most of the document discusses cryptographic design
and performance, part D briefly discusses some specification 
issues. In particular, I suggest the possible adoption of
SSL-like approach to negotiation via standarized ciphersuites.
I would like to know what people think about that.

Hugo




Follow-Ups: