[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IKEv2 use of HMAC-SHA-1 for Key Derivation
Hilarie, can you clarify what you mean by your comment below?
In particular, what is wrong if K is large and what
do you mean by "blocksize" in this context?
Thanks,
Hugo
On Tue, 26 Nov 2002, The Purple Streak, Hilarie Orman wrote:
> The HMAC construction is not necessary for key derivation, but both
> methods are wrong if K is large (in size and entropy) and security
> requirements dictate that a derived key must have more entropy than
> 2^(blocksize). This is a persistently misunderstood issue.
>
> Hilarie
>
>