issue: ciphersuites and key lengths (review of eap-keying-08 by mats naslund)

From: Jari Arkko (jari.arkko
Date: Wed, 30 Nov 2005 21:30:29 -0800 (PST)
Submitter name: Mats Naslund
Submitter email address: Mats.Naslund [at] ericsson.com
Reference: (this email)
Document: Keying Framework
Comment type: T
Priority: 1
Section: multiple
Rationale/Explanation of issue:
Ciphersuite Independence is a consequence of the principles of Mode Independence and Media Independence.
MN: I don't agree. Suppose that the MSK had been only 80 bits rather than 64 bytes. We could then not have satisfied security requirements on 256-bit key cipher suites. Now, the MSK's 64 bytes are so huge that it is sufficient for all "practical" cipher suites. But I still claim it does not follow as a consequence from Mode and Media independence alone. There is an implicit assumption that enough "key entropy" is available.
Since the ciphersuites used to protect data depend on the lower layer, requiring EAP methods have knowledge of lower layer ciphersuites would compromise the principle of Media Independence.
MN: yes, to avoid needing to know key requirements, the MSK has been chosen to be "large enough for all practical use"
Since ciphersuite negotiation occurs in the lower layer, there is no need for ciphersuite negotiation within EAP, and EAP methods generate keying material that is ciphersuite-independent.
MN: ...thanks to the fact that the MSK is so large.