* Matthew Toseland <toad at amphibian.dyndns.org> [2008-02-05 11:03:29]:
> NewPacketFormat assumes that we can generate as many keys as we want from JFK > securely. Is this true? JFK uses an HMAC with 0, 1, or 2, to generate the > session key or the 2 internal keys it uses, but does not explicitly document > the option to generate more keys by incrementing that number - and it refers > to IKE key extension if you need more bits (it does *not* say increment the > number and stick them together, as you might expect). Is it safe to do what > we have planned, to get separate keys for each direction and in > NewPacketFormat for the IV key and HMAC key? Yes, you can increment the value in the plaintext of the hmac to generate as many session keys as you need. The paper was suggesting to refer to the IKE key extension mechanism in case you need more bits "for the same key". NextGen$ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20080207/4b854306/attachment.pgp>
