[TLS] HKDF

Eric Rescorla <ekr@rtfm.com> Mon, 23 March 2015 14:20 UTC

As I mentioned in a previous message [0] during the interim we discussed
moving from the TLS PRF to HKDF [RFC5869].

The general sentiment was:

- Move to HKDF
- Specify both SHA-256 and SHA-384 (the latter being required for
  Suite B)

This is also the time when we would want to look at adjusting
the key expansion to separate keys and IVs (assuming we still
have IVs).

Please use this thread to discuss this topic.

-Ekr

[0] https://www.ietf.org/mail-archive/web/tls/current/msg15621.html