| RE: EAP-AKA Key derivation | <– Date –> <– Thread –> |
From: Salowey, Joe (jsalowey cisco.com)
|
|
| Date: Mon, 9 Jan 2006 08:43:19 -0800 (PST) | |
At the time of development of EAP-AKA and EAP-SIM we received comments on using a standard PRF. This was the recommendation from NIST on a PRF so we adopted it. I don't believe it to be any better or worse than PRF+ using HMAC-SHA1 used in IKEv2 but at the time PRF+ was not standardized. SIM manufacturers have built EAP-SIM into smart cards, I don't remember if this came as a request from them or not. Joe > -----Original Message----- > From: Thomas Otto [mailto:t.otto [at] sharevolution.de] > Sent: Monday, January 09, 2006 7:58 AM > To: eap [at] frascone.com > Subject: Re: [eap] EAP-AKA Key derivation > > Hi Bernard, all, > > > It is very common for IETF specifications to reference cryptographic > > functions defined outside of the IETF. Examples include > AES and DES, both > > of which are defined in NIST documents. > > This may be, but in the IETF, also appropriate mechanisms > have been developed. > As I said before, for instance the prf+ in IKEv2. > > So why abstain from using this PRF? The HMAC construction > seems much more > comprehensible than the DSS-PRF. > > Is there a particular advantage which I haven't recognized? > IS the DSS-PRF > built-in in the USIM, for instance? This would be an > argument, to re-use the > implementation. > _________________________________________________________________ > To unsubscribe or modify your subscription options, please visit: > http://lists.frascone.com/mailman/listinfo/eap > > Arhives: http://lists.frascone.com/pipermail/eap >
- Re: EAP-AKA Key derivation, (continued)
- Re: EAP-AKA Key derivation Bernard Aboba, January 9 2006
- Re: EAP-AKA Key derivation Thomas Otto, January 9 2006
- Re: EAP-AKA Key derivation Thomas Otto, January 9 2006
- Re: EAP-AKA Key derivation Thomas Otto, January 10 2006
Results generated by Tiger Technologies using MHonArc.