| Issue 179: proposed resolution reject | <– Date –> <– Thread –> |
From: Florent Bersani (florent.bersani francetelecom.com)
|
|
| Date: Tue, 16 Dec 2003 01:41:32 -0600 (CST) | |
Hi Uri,
Browsing through the list of open issues on the EAP Keying Framework, I came across yours about the proposed AES-based EAP PRF.
Taking into account the discussions on the IPsec (see http://www.sandelman.ottawa.on.ca/ipsec/2003/03/msg00294.html for the beginning of the thread) and the CFRG mailing list (see http://www1.ietf.org/mail-archive/working-groups/cfrg/current/msg00161.html for the beginning of the thread) where renowned cryptographers (Hugo Krawczyk and Dave Wagner) made some good points IMO, I suggest this issue be rejected for two reasons:
Florent
P.S: I absolutely do not mean that such a proposal is not interesting: on the contrary, I think it very valuable to suggest secure key derivation functions (or PRNGs) based on frequent primitives (such as AES)... Indeed, I am currently working on a survey/further analysis of the existing schemes. If you want to follow this discussion off-line or on the CFRG (I do not think it belongs to the EAP mailing list), you are most welcome!
Browsing through the list of open issues on the EAP Keying Framework, I came across yours about the proposed AES-based EAP PRF.
Taking into account the discussions on the IPsec (see http://www.sandelman.ottawa.on.ca/ipsec/2003/03/msg00294.html for the beginning of the thread) and the CFRG mailing list (see http://www1.ietf.org/mail-archive/working-groups/cfrg/current/msg00161.html for the beginning of the thread) where renowned cryptographers (Hugo Krawczyk and Dave Wagner) made some good points IMO, I suggest this issue be rejected for two reasons:
- First, it is not for now IMHO within the scope of the EAP Keying Framework to define such a mechanism ("Algorithms for key derivation or mechanisms for key transport are not specified in this document." as of version 02b);
- Second, as stated above, your proposal did not (yet ;-)) reach consensus within the cryptographic community.
Florent
P.S: I absolutely do not mean that such a proposal is not interesting: on the contrary, I think it very valuable to suggest secure key derivation functions (or PRNGs) based on frequent primitives (such as AES)... Indeed, I am currently working on a survey/further analysis of the existing schemes. If you want to follow this discussion off-line or on the CFRG (I do not think it belongs to the EAP mailing list), you are most welcome!
-
Issue 179: proposed resolution reject Florent Bersani, December 15 2003
-
Re: Issue 179: proposed resolution reject Florent Bersani, December 18 2003
- Re: Issue 179: proposed resolution reject Florent Bersani, December 18 2003
-
Re: Issue 179: proposed resolution reject Florent Bersani, December 18 2003
Results generated by Tiger Technologies using MHonArc.