Re: [TLS] HKDF
Andrey Jivsov <crypto@brainhub.org> Wed, 25 March 2015 15:21 UTC
To: Ilari Liusvaara <ilari.liusvaara@elisanet.fi>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/a_6IaIOm-ZwkX_ows7-3G7CM2Xc>
Cc: tls@ietf.org

On Mar 25, 2015 10:02 AM, "Andrey Jivsov" <crypto@brainhub.org> wrote:
>
> One idea for meaningful reduction of complexity in TLS is if we could switch to cipher-based KDF. We continue to use hash for digital signatures, controlled by the signature extension. An AEAD cipher is required and has the MAC method internal to them. Therefore, this would drop hash functions from the ciphersuites.

... but some people like AEAD stream ciphers.