[Hipsec] a brief review of draft-zhang-hip-privacy-protection-04
zhou.sujing@zte.com.cn Fri, 03 February 2012 09:39 UTC
Return-Path: <zhou.sujing@zte.com.cn>
X-Original-To: hipsec@ietfa.amsl.com
Delivered-To: hipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C19C821F8576 for <hipsec@ietfa.amsl.com>; Fri, 3 Feb 2012 01:39:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -100.014
X-Spam-Level:
X-Spam-Status: No, score=-100.014 tagged_above=-999 required=5 tests=[AWL=1.824, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_DOUBLE_IP_LOOSE=0.76, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Vx+1imP7Wix5 for <hipsec@ietfa.amsl.com>; Fri, 3 Feb 2012 01:39:00 -0800 (PST)
Received: from mx5.zte.com.cn (mx6.zte.com.cn [95.130.199.165]) by ietfa.amsl.com (Postfix) with ESMTP id 958DC21F84E7 for <hipsec@ietf.org>; Fri, 3 Feb 2012 01:38:59 -0800 (PST)
Received: from [10.30.17.99] by mx5.zte.com.cn with surfront esmtp id 566902133923422; Fri, 3 Feb 2012 17:13:11 +0800 (CST)
Received: from [10.30.3.21] by [192.168.168.15] with StormMail ESMTP id 5467.2133923422; Fri, 3 Feb 2012 17:38:47 +0800 (CST)
Received: from notes_smtp.zte.com.cn ([10.30.1.239]) by mse02.zte.com.cn with ESMTP id q139ch79020707 for <hipsec@ietf.org>; Fri, 3 Feb 2012 17:38:43 +0800 (GMT-8) (envelope-from zhou.sujing@zte.com.cn)
To: hipsec@ietf.org
MIME-Version: 1.0
X-Mailer: Lotus Notes Release 6.5.6 March 06, 2007
Message-ID: <OF1997801B.A7E1FAE1-ON48257999.0034D152-48257999.0034F557@zte.com.cn>
From: zhou.sujing@zte.com.cn
Date: Fri, 03 Feb 2012 17:38:30 +0800
X-MIMETrack: Serialize by Router on notes_smtp/zte_ltd(Release 8.5.1FP4|July 25, 2010) at 2012-02-03 17:38:46, Serialize complete at 2012-02-03 17:38:46
Content-Type: multipart/alternative; boundary="=_alternative 0034F55748257999_="
X-MAIL: mse02.zte.com.cn q139ch79020707
Subject: [Hipsec] a brief review of draft-zhang-hip-privacy-protection-04
X-BeenThere: hipsec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the official IETF Mailing List for the HIP Working Group." <hipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hipsec>, <mailto:hipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hipsec>
List-Post: <mailto:hipsec@ietf.org>
List-Help: <mailto:hipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Feb 2012 09:39:00 -0000
1. what is HI-I and HI-R, what's the diff with HIT-I and HIT-R?
2. since the key to encrypt HI-I in calculating I2 is derived from HIT-R,
B-HIT-I:
" Key1=SHA1 (KDH, HIT-R, B-HIT-I, 1), ...
Keyn=SHA1 (KDH, HIT-R, B-HIT-I, n),"
how can initiator calculate the key before he obtain R2?
3. since the key of Encrypt {HI-R} is also calculated from HI(T)-R,
then how can HI(T)-R be decrypted?
4. Only knowing HIT-I or HIT-R can not verify the signature since HIT is
only a hash of required public key,
so public key need to be transported.
5. In an example of HIP, a puzzle is specified as:
"I = Ltrunc( RHASH ( S | HIT-I | HIT-R | IP-I | IP-R ), 64)"
so, HIT-I and HIT-R are needed to compute and precompute a puzzle, so how
puzzle of this like be (pre)computed in
R1?
Regards~~~
-Sujing