allocation of key material into keys

Ran Atkinson <rja@cisco.com> Mon, 28 October 1996 23:39 UTC

Received: from cnri by ietf.org id ab27254; 28 Oct 96 18:39 EST
Received: from neptune.hq.tis.com by CNRI.Reston.VA.US id aa18024; 28 Oct 96 15:09 EST
Received: from neptune.tis.com by neptune.TIS.COM id aa13273; 28 Oct 96 14:39 EST
Message-Id: <199610281921.LAA27635@cornpuffs.cisco.com>
From: Ran Atkinson <rja@cisco.com>
Date: Mon, 28 Oct 1996 11:21:23 -0800
X-Mailer: Mail User's Shell (7.2.5 10/14/92)
To: ipsec@tis.com
Subject: allocation of key material into keys
Sender: ipsec-approval@neptune.tis.com
Precedence: bulk

I'm not sure what other folks think, but I've been persuaded by various people
that we need some standard and clearly stated way of transforming a "blob" of
key material generated by key management (e.g. the D-H exponentiation) into
one or more actual session keys.

I'd like to propose that the key management protocol specifications only
be responsible for generating a "blob" of key material with sufficient
bits of entropy.  

Each transform would need to specify how many bits of entropy are needed from
key management for an SA and precisely how to transform a single "blob" of key
material into one or more session keys.

Does this seem OK to people?

Ran
rja@cisco.com
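
The division of labour proposed in the message above, as an added example that is not part of the original message or of any IPsec specification: key management hands over one blob, and a transform states how many bits it needs and how its session keys are carved out. The `Transform` class, the `example-esp` transform, its key names and the sample blob are hypothetical, and the derivation uses HKDF-Expand (RFC 5869), a later technique swapped in here for illustration. It assumes the blob is already uniformly random; a raw D-H value would first need an extract step.

```python
import hashlib
import hmac
from dataclasses import dataclass


@dataclass(frozen=True)
class Transform:
    """Hypothetical transform spec: its name and the session keys it needs."""
    name: str
    keys: tuple  # ((key_name, length_in_bits), ...)

    @property
    def bits_needed(self) -> int:
        # Amount of key material this transform asks key management for.
        return sum(bits for _, bits in self.keys)


def expand(blob: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869) with HMAC-SHA256, keyed by the blob."""
    if length > 255 * 32:
        raise ValueError("requested output too long")
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(blob, block + info + bytes([counter]), hashlib.sha256).digest()
        out += block
        counter += 1
    return out[:length]


def allocate(transform: Transform, blob: bytes) -> dict:
    """Turn one blob of key material into the transform's named session keys."""
    if len(blob) * 8 < transform.bits_needed:
        # Length is only an upper bound on entropy; a short blob is certainly too weak.
        raise ValueError(f"{transform.name} needs {transform.bits_needed} bits, "
                         f"got {len(blob) * 8}")
    keys = {}
    for key_name, bits in transform.keys:
        if bits % 8:
            raise ValueError("key lengths must be whole bytes")
        # Binding the transform and key names into the label keeps keys independent.
        label = f"{transform.name}/{key_name}".encode()
        keys[key_name] = expand(blob, label, bits // 8)
    return keys


# Constructed sample: a made-up transform and a made-up 32-byte blob.
EXAMPLE = Transform("example-esp", (("cipher", 128), ("auth", 128)))
BLOB = bytes(range(32))
```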

