[Cfrg] Re: [saag] KDF: Randomness extraction vs. key expansion
Bill Sommerfeld <sommerfeld@sun.com> Fri, 28 October 2005 20:58 UTC
Received: from localhost.cnri.reston.va.us ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EVbJI-0004qq-Cv; Fri, 28 Oct 2005 16:58:48 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EVbJF-0004qf-MD for cfrg@megatron.ietf.org; Fri, 28 Oct 2005 16:58:46 -0400
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA19320 for <cfrg@ietf.org>; Fri, 28 Oct 2005 16:58:29 -0400 (EDT)
Received: from brmea-mail-4.sun.com ([192.18.98.36]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1EVbWq-0004wm-ER for cfrg@ietf.org; Fri, 28 Oct 2005 17:12:51 -0400
Received: from eastmail2bur.East.Sun.COM ([129.148.13.40]) by brmea-mail-4.sun.com (8.12.10/8.12.9) with ESMTP id j9SKwfD7003359; Fri, 28 Oct 2005 14:58:41 -0600 (MDT)
Received: from thunk.east.sun.com (thunk.East.Sun.COM [129.148.174.66]) by eastmail2bur.East.Sun.COM (8.12.10+Sun/8.12.10/ENSMAIL,v2.2) with ESMTP id j9SKwdWa000028; Fri, 28 Oct 2005 16:58:40 -0400 (EDT)
Received: from 127.0.0.1 (localhost [127.0.0.1]) by thunk.east.sun.com (8.13.4+Sun/8.13.4) with ESMTP id j9SKwdRo007967; Fri, 28 Oct 2005 16:58:39 -0400 (EDT)
From: Bill Sommerfeld <sommerfeld@sun.com>
To: canetti <canetti@watson.ibm.com>
In-Reply-To: <Pine.A41.4.58.0510281538050.38438@prf.watson.ibm.com>
References: <Pine.A41.4.58.0510281538050.38438@prf.watson.ibm.com>
Content-Type: text/plain
Message-Id: <1130533119.7684.133.camel@thunk>
Mime-Version: 1.0
X-Mailer: Ximian Evolution 1.4.6.323
Date: Fri, 28 Oct 2005 16:58:39 -0400
Content-Transfer-Encoding: 7bit
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 8abaac9e10c826e8252866cbe6766464
Content-Transfer-Encoding: 7bit
Cc: saag@mit.edu, cfrg@ietf.org
Subject: [Cfrg] Re: [saag] KDF: Randomness extraction vs. key expansion
X-BeenThere: cfrg@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:cfrg@ietf.org>
List-Help: <mailto:cfrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@ietf.org?subject=subscribe>
Sender: cfrg-bounces@ietf.org
Errors-To: cfrg-bounces@ietf.org
On Fri, 2005-10-28 at 15:48, canetti wrote: > * Randomness extraction: taking an input with "high computational entropy" > and generating from it a pseudorandom value. > > * Key expansion: taking a short pseudorandom value and extending it to a > longer pseudorandom value, here the output length is variable anddepends > on the application. Some plumbing-level questions: you suggested that random nonces should go into the first stage. would non-random context/identity inputs go there, too? and: would it ever be appropriate to use multiple stages of key expansion? for instance: [diffie-hellman] -> [randomness extraction] -> [key expansion] -> (A, B, C) A -> [key expansion] -> (A1, A2, A3) B -> [key expansion] -> (B1, B2, B3) C -> [key expansion] -> (C1, C2, C3) - Bill _______________________________________________ Cfrg mailing list Cfrg@ietf.org https://www1.ietf.org/mailman/listinfo/cfrg
- [Cfrg] KDF: Randomness extraction vs. key expansi… canetti
- [Cfrg] KDF: Randomness extraction vs. key expansi… David Wagner
- [Cfrg] On using ROs for analyzing randomness extr… canetti
- [Cfrg] Re: [saag] KDF: Randomness extraction vs. … Bill Sommerfeld
- Re: [Cfrg] KDF: Randomness extraction vs. key exp… canetti
- [Cfrg] KDF: Randomness extraction vs. key expansi… David Wagner
- [Cfrg] Re: [saag] KDF: Randomness extraction vs. … canetti
- [Cfrg] Re: [saag] KDF: Randomness extraction vs. … Nicolas Williams
- Re: [Cfrg] KDF: Randomness extraction vs. key exp… D. J. Bernstein
- Re: [saag] Re: [Cfrg] KDF: Randomness extraction … canetti
- Re: [saag] Re: [Cfrg] KDF: Randomness extraction … D. J. Bernstein
- Re: [saag] Re: [Cfrg] KDF: Randomness extraction … canetti