Re: EAP-AKA Key derivation

From: Thomas Otto (t.otto
Date: Mon, 9 Jan 2006 08:08:39 -0800 (PST)

Hi Bernard, all,

> I'm actually more concerned about the ability to negotiate KDFs. As you
> note, KDFs are increasingly encountering security issues. Unless they can
> be negotiated, this is going to cause a problem.
>
> As I understand it, the IETF is going to be looking at negotiation of KDFs
> within protocols such as TLS or IKE. Also, the implication is that future
> protocols should enable KDF negotiation.

Indeed, negotiation seems to be a crucial feature of protocols. I think everything we discuss here is preparatory work for the upcoming EMU work ... if the goal is to standardize EAP methods, then this and similar questions will arise.

Let's look at TLS. At the beginning of the handshake, cryptographic parameters are negotiated (actually, a bundle of key exchange, encryption and hash algorithm). But unfortunately, the pseudo-random function relies on MD5 and SHA1. TLS fails to negotiate a PRF. And this is what TLS suffers from. So, I agree with your argument to consider KDF negotiation a very important feature.
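An added example, not part of the original message: the TLS 1.0 PRF as specified in RFC 2246, where MD5 and SHA-1 are fixed by the specification, next to a hypothetical negotiated-KDF selection. The KDF identifiers, `KDF_REGISTRY`, `negotiate_kdf` and `derive` are assumptions for illustration, and the sample secret and seed are constructed.

```python
import hashlib
import hmac

def p_hash(hash_name, secret, seed, length):
    """P_hash from RFC 2246 section 5: iterate HMAC until `length` bytes exist."""
    out, a = b"", seed                       # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hash_name).digest()            # A(i)
        out += hmac.new(secret, a + seed, hash_name).digest()  # HMAC(secret, A(i) + seed)
    return out[:length]

def tls10_prf(secret, label, seed, length):
    """TLS 1.0 PRF = P_MD5(S1) XOR P_SHA1(S2). Neither hash can be negotiated."""
    half = (len(secret) + 1) // 2            # halves share the middle byte if odd
    s1, s2 = secret[:half], secret[len(secret) - half:]
    md5_part = p_hash("md5", s1, label + seed, length)
    sha_part = p_hash("sha1", s2, label + seed, length)
    return bytes(x ^ y for x, y in zip(md5_part, sha_part))

# Hypothetical negotiable design: names and registry are assumptions, not a standard.
KDF_REGISTRY = {
    "prf-sha256": lambda s, l, d, n: p_hash("sha256", s, l + d, n),
    "prf-sha384": lambda s, l, d, n: p_hash("sha384", s, l + d, n),
}

def negotiate_kdf(client_offer, server_supported):
    """Return the first client-preferred KDF both sides implement; fail closed."""
    for name in client_offer:
        if name in server_supported and name in KDF_REGISTRY:
            return name
    raise ValueError("no common KDF, aborting instead of falling back")

def derive(kdf_name, secret, label, seed, length):
    """Derive key material with whichever KDF was negotiated."""
    return KDF_REGISTRY[kdf_name](secret, label, seed, length)

# Constructed sample inputs (not real key material).
SECRET = bytes(range(48))
SEED = b"\x01" * 32 + b"\x02" * 32

if __name__ == "__main__":
    print("fixed PRF :", tls10_prf(SECRET, b"master secret", SEED, 48).hex())
    chosen = negotiate_kdf(["prf-sha384", "prf-sha256"], {"prf-sha256"})
    print("negotiated:", chosen, derive(chosen, SECRET, b"master secret", SEED, 48).hex())
```

With the fixed PRF, replacing MD5 or SHA-1 means changing the protocol itself; with the negotiated form, a peer drops a weak entry from its offer or supported set.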