Re: [Cfrg] draft-housley-ccm-mode-00.txt

Gé Weijers <Ge.Weijers@Sun.COM> Fri, 16 August 2002 18:49 UTC

Received: from ( [] (may be forged)) by (8.9.1a/8.9.1a) with ESMTP id OAA27726 for <>; Fri, 16 Aug 2002 14:49:38 -0400 (EDT)
Received: (from daemon@localhost) by (8.9.1a/8.9.1) id OAA21537 for; Fri, 16 Aug 2002 14:50:59 -0400 (EDT)
Received: from (localhost []) by (8.9.1a/8.9.1) with ESMTP id OAA21514; Fri, 16 Aug 2002 14:50:41 -0400 (EDT)
Received: from (odin []) by (8.9.1a/8.9.1) with ESMTP id OAA21487 for <>; Fri, 16 Aug 2002 14:50:39 -0400 (EDT)
Received: from ( []) by (8.9.1a/8.9.1a) with ESMTP id OAA27691 for <>; Fri, 16 Aug 2002 14:49:17 -0400 (EDT)
Received: from esunmail ([]) by (8.9.3+Sun/8.9.3) with ESMTP id MAA01904 for <>; Fri, 16 Aug 2002 12:50:38 -0600 (MDT)
Received: from xpa-fe1 ([]) by edgemail1.Central.Sun.COM (iPlanet Messaging Server 5.2 HotFix 0.8 (built Jul 12 2002)) with ESMTP id <0H0Y00MWE9OENJ@edgemail1.Central.Sun.COM> for; Fri, 16 Aug 2002 12:50:38 -0600 (MDT)
Received: from ([]) by (iPlanet Messaging Server 5.2 HotFix 0.2 (built Apr 26 2002)) with ESMTPSA id <> for; Fri, 16 Aug 2002 12:50:38 -0600 (MDT)
Date: Fri, 16 Aug 2002 11:48:50 -0700
From: =?ISO-8859-1?Q?G=E9?= Weijers <Ge.Weijers@Sun.COM>
Subject: Re: [Cfrg] draft-housley-ccm-mode-00.txt
To: David Wagner <>
Message-id: <>
Organization: Sun Microsystems, Inc.
MIME-version: 1.0
Content-type: text/plain; charset=us-ascii; format=flowed
Content-transfer-encoding: 7BIT
X-Accept-Language: en-us, nl, de-de, de
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv: Gecko/20020508 Netscape6/6.2.3
References: <>
Content-Transfer-Encoding: 7BIT
X-Mailman-Version: 1.0
Precedence: bulk
List-Id: Crypto Forum Research Group <>
Content-Transfer-Encoding: 7BIT

David Wagner wrote:

>>An advantage I can see is the use of the same key for both 
>>authentication and encryption. [...] Using the same key 
>>halves the key storage requirements for an 802.11 base station.
>It is easy to achieve the same thing with the standard generic
>composition.  You pick a 128-bit key, and derive the encryption and
>authentication keys separately using a PRF: Ke = F_K(0), Ka = F_K(1).
>This is all very standard, and is done in IPSec and TLS, for instance.
>So I don't see this as an advantage or an disadvantage.
In an embedded environment where space and power are very constrained 
(802.11 card) halving the space requirement and reducing the amount of 
key scheduling that needs to be performed can certainly be helpful. Many 
current generation 802.11b cards lose about 40% throughput when WEP is 
enabled. The simpler the better.


Cfrg mailing list