Re: [TLS] PRF in TLS 1.2

Wan-Teh Chang <wtchang@redhat.com> Wed, 27 September 2006 14:30 UTC

Message-ID: <451A8B0F.2010303@redhat.com>
Date: Wed, 27 Sep 2006 07:30:39 -0700
From: Wan-Teh Chang <wtchang@redhat.com>
User-Agent: Thunderbird 2.0b1pre (Windows/20060923)
MIME-Version: 1.0
To: tls@ietf.org
Subject: Re: [TLS] PRF in TLS 1.2
References: <450F222D.2020706@redhat.com> <86k6403hqq.fsf@raman.networkresonance.com>
In-Reply-To: <86k6403hqq.fsf@raman.networkresonance.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/tls>
List-Post: <mailto:tls@lists.ietf.org>
List-Help: <mailto:tls-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
Errors-To: tls-bounces@lists.ietf.org

Eric Rescorla wrote:
>
> The new PRFs that people seem interested in are:
> 
> 1. The GOST PRF (draft-chudov-cryptopro-cptls-03.txt)

The GOST PRF, PRF_GOSTR3411, is defined in RFC 4357 as

   PRF_GOSTR3411(secret,label,seed) = P_GOSTR3411 (secret,label|seed)

   where '|' stands for concatenation.

It is actually an instance of the default TLS 1.2 PRF,
with <hash> = the GOST R 34.11-94 hash function.  This
isn't a coincidence, is it?

> 2. The FIPS 800-56A KDF.

Appendix A, Item 8 of NIST SP 800-56A says this KDF
comes from ANS X9.42 and X9.63, but NIST made some minor
(and perhaps subtle) changes (e.g., the order of the counter
and secret is reversed).  I don't know if this KDF is
used in any other standard or protocol.

Perhaps we should ask NIST if P_SHA-1, P_SHA-256, and
P_SHA-384 are allowed in TLS in FIPS mode.

Wan-Teh


_______________________________________________
TLS mailing list
TLS@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls
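The two constructions discussed in the message above, as an added example that is not part of the post or of any of the cited specifications: the TLS 1.2 PRF (P_hash with a pluggable hash, of which PRF_GOSTR3411 is the instance with hash = GOST R 34.11-94) next to the SP 800-56A concatenation KDF and the ANS X9.63 KDF, so the reversed order of counter and secret is visible in code. Assumptions: Python's hashlib has no GOST R 34.11-94 digest, so SHA-256 stands in for it (the GOST instance differs only in the hash_name argument); all secrets, labels and OtherInfo values are constructed here and are not test vectors from any standard.

```python
"""TLS 1.2 PRF (RFC 5246, section 5) with a pluggable hash, beside the
SP 800-56A concatenation KDF and the ANS X9.63 KDF it was derived from.

Added example, not code from the mailing-list post. hashlib has no
GOST R 34.11-94 digest, so "sha256" is the assumed default; the PRF
takes the hash name as a parameter so the GOST instance would differ
only in that argument.
"""
import hashlib
import hmac


def hmac_hash(secret: bytes, data: bytes, hash_name: str = "sha256") -> bytes:
    """HMAC_hash(secret, data), the primitive P_hash is built from."""
    return hmac.new(secret, data, hash_name).digest()


def p_hash(secret: bytes, seed: bytes, length: int,
           hash_name: str = "sha256") -> bytes:
    """P_hash(secret, seed) = HMAC(secret, A(1)|seed) | HMAC(secret, A(2)|seed) | ...
    with A(0) = seed and A(i) = HMAC(secret, A(i-1)); output truncated to length."""
    out = b""
    a = seed                                           # A(0)
    while len(out) < length:
        a = hmac_hash(secret, a, hash_name)            # A(i) = HMAC(secret, A(i-1))
        out += hmac_hash(secret, a + seed, hash_name)  # HMAC(secret, A(i) | seed)
    return out[:length]


def tls12_prf(secret: bytes, label: bytes, seed: bytes, length: int,
              hash_name: str = "sha256") -> bytes:
    """PRF(secret, label, seed) = P_<hash>(secret, label | seed).

    RFC 4357's PRF_GOSTR3411(secret, label, seed) = P_GOSTR3411(secret, label|seed)
    is exactly this with hash_name naming GOST R 34.11-94 (not available in
    hashlib, hence the SHA-256 stand-in)."""
    return p_hash(secret, label + seed, length, hash_name)


def hash_digest(data: bytes, hash_name: str = "sha256") -> bytes:
    """Plain Hash(data), the primitive the two KDFs below are built from."""
    return hashlib.new(hash_name, data).digest()


def concat_kdf_sp800_56a(z: bytes, other_info: bytes, length: int,
                         hash_name: str = "sha256") -> bytes:
    """SP 800-56A concatenation KDF: Hash(counter || Z || OtherInfo),
    counter a 4-byte big-endian integer starting at 1; counter comes FIRST."""
    out = b""
    counter = 1
    while len(out) < length:
        out += hash_digest(counter.to_bytes(4, "big") + z + other_info, hash_name)
        counter += 1
    return out[:length]


def x963_kdf(z: bytes, shared_info: bytes, length: int,
             hash_name: str = "sha256") -> bytes:
    """ANS X9.63 KDF: Hash(Z || counter || SharedInfo); same pieces as
    SP 800-56A but the shared secret precedes the counter."""
    out = b""
    counter = 1
    while len(out) < length:
        out += hash_digest(z + counter.to_bytes(4, "big") + shared_info, hash_name)
        counter += 1
    return out[:length]


def demo() -> dict:
    """Run all three on constructed inputs (not standard test vectors)."""
    secret = bytes.fromhex("9bbe436ba940f017b17652849a71db35")   # constructed
    seed = bytes.fromhex("a0ba9f936cda311827a6f796ffd5198c")     # constructed
    z = bytes(range(32))                                         # constructed "shared secret"
    info = b"constructed OtherInfo"
    return {
        "tls12_prf_sha256": tls12_prf(secret, b"test label", seed, 48),
        "sp800_56a": concat_kdf_sp800_56a(z, info, 48),
        "x963": x963_kdf(z, info, 48),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value.hex()}")
```

The SP 800-56A and X9.63 outputs differ for identical inputs solely because the counter and Z are concatenated in the opposite order, which is the "minor (and perhaps subtle)" change the message refers to; an implementation that gets the order wrong will interoperate with nobody while still producing plausible-looking key material.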