Re: Generating Keying Material







> Section 4.3 of draft-ietf-ipsec-ikev2-03.txt states
>
>    "Keying material will always be derived as the output of the
>    negotiated prf algorithm. If the amount of keying material is greater
>    than the size of the output of the prf algorithm, we will use the prf
>    iteratively..."
>
> Rather than having two methods for generating key material (based on the
> size of key material needed vs. the size of the prf output), wouldn't it
> be easier to have prf+ generate a pseudo-random stream from which all key
> material is taken?
>
> Keeps it simple and straightforward.
>
> David

Oops. When I changed the iterative use of prf to prf+, I forgot to update
this text. Switching between two methods was never intended, and there
is no specification as to how the prf would be used if its output were
large enough.

I'll fix it.

          --Charlie

Opinions expressed may not even be mine by the time you read them, and
certainly don't reflect those of any other entity (legal or otherwise).
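
The single-stream approach discussed in this thread, as an added example that is not part of the original messages or of the draft: every key, whatever its size, is sliced from one prf+ output stream. Assumptions: the prf+ construction is the one later published in RFC 7296 (T1 = prf(K, S | 0x01), Tn = prf(K, Tn-1 | S | n)), which may differ from draft -03; HMAC-SHA256 stands in for the negotiated prf; the key names, sizes and inputs are hypothetical.

```python
import hashlib
import hmac


def prf(key: bytes, data: bytes) -> bytes:
    # Assumption: HMAC-SHA256 stands in for the negotiated prf.
    return hmac.new(key, data, hashlib.sha256).digest()


def prf_plus(key: bytes, seed: bytes, length: int) -> bytes:
    """Return the first `length` octets of T1 | T2 | ... (RFC 7296 form)."""
    out = b""
    block = b""          # T0 is empty, so T1 = prf(K, S | 0x01)
    counter = 1
    while len(out) < length:
        if counter > 255:
            # The counter is a single octet, so the stream is bounded.
            raise ValueError("prf+ yields at most 255 prf output blocks")
        block = prf(key, block + seed + bytes([counter]))
        out += block
        counter += 1
    return out[:length]


def split_keys(key: bytes, seed: bytes, layout):
    """Take keys in order from one stream; layout is [(name, size), ...]."""
    stream = prf_plus(key, seed, sum(size for _, size in layout))
    keys, offset = {}, 0
    for name, size in layout:
        keys[name] = stream[offset:offset + size]
        offset += size
    return keys


# Constructed sample inputs (not real negotiation values).
SAMPLE_KEY = bytes(range(32))
SAMPLE_SEED = b"constructed-nonce-i" + b"constructed-nonce-r"
# Hypothetical layout: one key shorter than the prf output, two that span blocks.
SAMPLE_LAYOUT = [("key_a", 16), ("key_b", 32), ("key_c", 24)]

if __name__ == "__main__":
    for name, value in split_keys(SAMPLE_KEY, SAMPLE_SEED, SAMPLE_LAYOUT).items():
        print(name, value.hex())
```

A request shorter than one prf output is simply a prefix of the same stream, so no second derivation method is needed for the small case.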