Re: allocation of key material into keys
Bill Sommerfeld <sommerfeld@apollo.hp.com> Mon, 28 October 1996 21:58 UTC
Received: from relay.hq.tis.com by neptune.TIS.COM id aa02054; 28 Oct 96 16:58 EST
Received: by relay.hq.tis.com; id RAA15186; Mon, 28 Oct 1996 17:02:25 -0500
Received: from clipper.hq.tis.com(10.33.1.2) by relay.tis.com via smap (V3.1.1) id xma015172; Mon, 28 Oct 96 17:01:57 -0500
Received: from relay.hq.tis.com (firewall-user@relay.hq.tis.com [10.33.1.1]) by clipper.hq.tis.com (8.7.5/8.7.3) with SMTP id RAA10416 for <ipsec@tis.com>; Mon, 28 Oct 1996 17:03:49 -0500 (EST)
Received: by relay.hq.tis.com; id RAA15166; Mon, 28 Oct 1996 17:01:55 -0500
Received: from capone.ch.apollo.hp.com(15.254.24.3) by relay.tis.com via smap (V3.1.1) id xma015162; Mon, 28 Oct 96 17:01:49 -0500
Received: from thunk.orchard.medford.ma.us (thunk.ch.apollo.hp.com) by capone.ch.apollo.hp.com id <AA221540231@capone.ch.apollo.hp.com>; Mon, 28 Oct 1996 17:03:51 -0500
Received: from thunk (sommerfeld@localhost) by thunk.orchard.medford.ma.us (8.7.5/8.6.12) with ESMTP id RAA03227; Mon, 28 Oct 1996 17:03:49 -0500 (EST)
Message-Id: <199610282203.RAA03227@thunk.orchard.medford.ma.us>
X-Authentication-Warning: thunk.orchard.medford.ma.us: sommerfeld owned process doing -bs
To: "C. Harald Koch" <chk@border.com>
Cc: Ran Atkinson <rja@cisco.com>, ipsec@TIS.COM
Subject: Re: allocation of key material into keys
In-Reply-To: chk's message of Mon, 28 Oct 1996 16:36:06 -0500. <96Oct28.163421est.18437-1@janus.border.com>
Date: Mon, 28 Oct 1996 17:03:45 -0500
From: Bill Sommerfeld <sommerfeld@apollo.hp.com>
Sender: ipsec-approval@neptune.tis.com
Precedence: bulk
> As has been discussed, this is a key management layer issue. I'd modify your > statement to include that somehow, the "blobs" handed to different > transforms or algorithms must be 'independent' (i.e. it's cryptographically > hard to derive one key from another). They can still be generated from the > same key exchange, as long as the key manager runs an intermediate step to > obscure the source keying material. Agreed. Each SA/SPI instantiated by the key mgmt protocol needs to get a different, independant, blob of entropy. - Bill
- allocation of key material into keys Ran Atkinson
- Re: allocation of key material into keys Bill Sommerfeld
- Re: allocation of key material into keys C. Harald Koch
- Re: allocation of key material into keys Bill Sommerfeld
- Re: allocation of key material into keys Naganand Doraswamy
- Re: allocation of key material into keys David Carrel