Re: allocation of key material into keys
Bill Sommerfeld <sommerfeld@apollo.hp.com> Mon, 28 October 1996 20:24 UTC
Received: from relay.hq.tis.com by neptune.TIS.COM id aa20262; 28 Oct 96 15:24 EST
Received: by relay.hq.tis.com; id PAA11709; Mon, 28 Oct 1996 15:29:08 -0500
Received: from clipper.hq.tis.com(10.33.1.2) by relay.tis.com via smap (V3.1.1) id xmaa11692; Mon, 28 Oct 96 15:28:39 -0500
Received: from relay.hq.tis.com (firewall-user@relay.hq.tis.com [10.33.1.1]) by clipper.hq.tis.com (8.7.5/8.7.3) with SMTP id PAA03432 for <ipsec@tis.com>; Mon, 28 Oct 1996 15:30:31 -0500 (EST)
Received: by relay.hq.tis.com; id PAA11685; Mon, 28 Oct 1996 15:28:36 -0500
Received: from capone.ch.apollo.hp.com(15.254.24.3) by relay.tis.com via smap (V3.1.1) id xma011672; Mon, 28 Oct 96 15:28:29 -0500
Received: from thunk.orchard.medford.ma.us (thunk.ch.apollo.hp.com) by capone.ch.apollo.hp.com id <AA166384614@capone.ch.apollo.hp.com>; Mon, 28 Oct 1996 15:30:14 -0500
Received: from thunk (sommerfeld@localhost) by thunk.orchard.medford.ma.us (8.7.5/8.6.12) with ESMTP id PAA03172; Mon, 28 Oct 1996 15:29:55 -0500 (EST)
Message-Id: <199610282029.PAA03172@thunk.orchard.medford.ma.us>
X-Authentication-Warning: thunk.orchard.medford.ma.us: sommerfeld owned process doing -bs
To: Ran Atkinson <rja@cisco.com>
Cc: ipsec@TIS.COM
Subject: Re: allocation of key material into keys
In-Reply-To: rja's message of Mon, 28 Oct 1996 11:21:23 -0800. <199610281921.LAA27635@cornpuffs.cisco.com>
Date: Mon, 28 Oct 1996 15:29:06 -0500
From: Bill Sommerfeld <sommerfeld@apollo.hp.com>
Sender: ipsec-approval@neptune.tis.com
Precedence: bulk
Here's a rephrase which I think is more precise. Let me know if this
is not what you intended..
I'd like to propose that the key management protocol
specifications only be responsible for generating a "blob" of
key material at least N bits long containing at least K bits of
entropy. For obvious reasons, K <= N.
Each transform would need to specify minimum values for K and
N, and precisely how to transform a variable-length "blob"
of key material of at least N bits into the session keys, initial
sequence numbers, and other shared state it needs.
---
I think this is also more-or-less what Hilary suggested last week some
time. She used "VPI" instead of "blob", but I don't think that's an
important difference here.. :-)
- Bill
- allocation of key material into keys Ran Atkinson
- Re: allocation of key material into keys Bill Sommerfeld
- Re: allocation of key material into keys C. Harald Koch
- Re: allocation of key material into keys Bill Sommerfeld
- Re: allocation of key material into keys Naganand Doraswamy
- Re: allocation of key material into keys David Carrel