[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Generating Keying Material
David Faucher wrote:
>
> Section 4.3 of draft-ietf-ipsec-ikev2-03.txt states
>
> "Keying material will always be derived as the output of the
> negotiated prf algorithm. If the amount of keying material is greater
> than the size of the output of the prf algorithm, we will use the prf
> iteratively..."
>
> Rather than having two methods for generating key material (based on the
> size of key material needed vs. the size of the prf output), wouldn't it
> easier to have prf+ generate a pseudo-random stream from which all key
> material is taken?
My understanding of PRF is that it produces a pseudo-random STREAM.
Otherwise it's not a PRF! (:-)
We can talk about it at the meeting, or at CFRG.
> Keeps it simple and straight forward.
Strongly agree.