Document Action: 'HMAC-based Extract-and-Expand Key Derivation Function (HKDF)' to Informational RFC

The IESG <> Mon, 08 March 2010 21:15 UTC

Return-Path: <>
Received: by (Postfix, from userid 30) id 310E43A6ADF; Mon, 8 Mar 2010 13:15:57 -0800 (PST)
X-idtracker: yes
From: The IESG <>
To: IETF-Announce <>
Subject: Document Action: 'HMAC-based Extract-and-Expand Key Derivation Function (HKDF)' to Informational RFC
Message-Id: <>
Date: Mon, 08 Mar 2010 13:15:57 -0800
Cc: Internet Architecture Board <>, RFC Editor <>
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "IETF announcement list. No discussions." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 08 Mar 2010 21:15:57 -0000

The IESG has approved the following document:

- 'HMAC-based Extract-and-Expand Key Derivation Function (HKDF) '
   <draft-krawczyk-hkdf-01.txt> as an Informational RFC

This document has been reviewed in the IETF but is not the product of an
IETF Working Group. 

The IESG contact person is Tim Polk.

A URL of this Internet-Draft is:

Technical Summary

   This document specifies a simple HMAC-based key derivation function
   (HKDF) which can be used as a building block in various protocols and
   applications.  The KDF is intended to support a wide range of
   applications and requirements, and is conservative in its use of
   cryptographic hash functions.

Working Group Summary

   This document was not the product of any working group.
   However, this KDF is already specified in several standards
   track RFCs produced by IETF wgs, including IKEv2 (RFC 4306),
   PANA (RFC 5191) and EAP-AKA (RFC 5448).

   In addition, the cfrg reviewed this document at the request
   of the sponsoring AD.  The discussion was lively, but focused
   on additional functionality that could be considered.  The cfrg
   did not identify any changes that were required. 

Document Quality

   This KDF is widely implemented and used in the context of
   specific IETF protocols, especially those that rely on IKEv2.


   Tim Polk is the Document Shepherd for this document and the 
   Responsible Area Director.

RFC Editor Note

Please make the following substitutions:

Section 1:
   It is not intended as a call to change existing protocols.
   It is not intended as a call to change existing protocols,
   and does not change or update existing specifications using
   this KDF.

Section 2.2:
   PRK = HKDF-Extract(salt, IKM)
   HKDF-Extract(salt, IKM) -> PRK

Section 2.3:
   OKM = HKDF-Expand(PRK, info, L)
   HKDF-Expand(PRK, info, L) -> OKM