eap Mailing List: Re: Issue 179: proposed resolution reject

[Florent Bersani (florent.bersani]

Resending it in plain text.
Apologies for the Html

Florent

BERSANI Florent FTRD/DTL wrote:

Hi Uri,

Browsing through the list of open issues on the EAP Keying Framework, I came across yours about the proposed AES-based EAP PRF.

Taking into account the discussions on the IPsec (see http://www.sandelman.ottawa.on.ca/ipsec/2003/03/msg00294.html for the beginning of the thread) and the CFRG mailing list (see http://www1.ietf.org/mail-archive/working-groups/cfrg/current/msg00161.html for the beginning of the thread) where renowned cryptographers (Hugo Krawczyk and Dave Wagner) made some good points IMO, I suggest this issue be rejected for two reasons:

• First, it is not for now IMHO within the scope of the EAP Keying Framework to define such a mechanism ("Algorithms for key derivation or mechanisms for key transport are not specified in this document." as of version 02b);
• Second, as stated above, your proposal did not (yet ;-)) reach consensus within the cryptographic community.

Regards,
Florent

P.S: I absolutely do not mean that such a proposal is not interesting: on the contrary, I think it very valuable to suggest secure key derivation functions (or PRNGs) based on frequent primitives (such as AES)... Indeed, I am currently working on a survey/further analysis of the existing schemes. If you want to follow this discussion off-line or on the CFRG (I do not think it belongs to the EAP mailing list), you are most welcome!
_______________________________________________ eap mailing list eap [at] frascone.com http://mail.frascone.com/mailman/listinfo/eap