| Re: Strawman -10/EMSK deletion requirement? | <– Date –> <– Thread –> |
From: Jari Arkko (jari.arkko piuha.net)
|
|
| Date: Thu, 9 Mar 2006 10:01:20 -0800 (PST) | |
Glen Zorn (gwz) wrote: > >>> >>> >>The problem is that since EMSK is the root, its compromise will lead >>to the compromise of all derived keys. This also holds locally for >>the AMSK_root_0 approach. That is, if AMSK_root_0 is compromised then >>any keys derived from that root are compromised (but not keys in >>other apps). >> >> > >I guess I'm just confused, then (not a first!). I thought that the major >problem was that it is basically impossible to no which (if any) >_applications_ a person would choose to use during a session. If that is >accurate, I can't really see how the AMSK_root_0 approach solves the problem. >If that's not the problem, what is? > > Oh. Maybe I was confused. AMSK_root_0 does not solve that problem. It solves the problem that if your application requires multiple keys (as in fast handoff to AP2, AP3, etc) then you still only need one AMSK from the EMSK for the application. That AMSK_root_0 can then be used to generate all the keys that the application in question needs. --Jari
- RE: Strawman -10/EMSK deletion requirement?, (continued)
- RE: Strawman -10/EMSK deletion requirement? Narayanan, Vidya, March 9 2006
- RE: Strawman -10/EMSK deletion requirement? Narayanan, Vidya, March 9 2006
- RE: Strawman -10/EMSK deletion requirement? Avi Lior, March 9 2006
-
RE: Strawman -10/EMSK deletion requirement? Glen Zorn (gwz), March 9 2006
- Re: Strawman -10/EMSK deletion requirement? Jari Arkko, March 9 2006
- RE: Strawman -10/EMSK deletion requirement? Glen Zorn (gwz), March 9 2006
- RE: Strawman -10/EMSK deletion requirement? Avi Lior, March 9 2006
- RE: Strawman -10/EMSK deletion requirement? Narayanan, Vidya, March 9 2006
- RE: Strawman -10/EMSK deletion requirement? Avi Lior, March 9 2006
Results generated by Tiger Technologies using MHonArc.