1. what is HI-I and HI-R, what's the diff with HIT-I and HIT-R?
2. since the key to encrypt HI-I in calculating I2 is derived from HIT-R,
B-HIT-I:
" Key1=SHA1 (KDH, HIT-R, B-HIT-I, 1), ...
Keyn=SHA1 (KDH, HIT-R, B-HIT-I, n),"
how can initiator calculate the key before he obtain R2?
3. since the key of Encrypt {HI-R} is also calculated from HI(T)-R,
then how can HI(T)-R be decrypted?
4. Only knowing HIT-I or HIT-R can not verify the signature since HIT is
only a hash of required public key,
so public key need to be transported.
5. In an example of HIP, a puzzle is specified as:
"I = Ltrunc( RHASH ( S | HIT-I | HIT-R | IP-I | IP-R ), 64)"
so, HIT-I and HIT-R are needed to compute and precompute a puzzle, so how
puzzle of this like be (pre)computed in
R1?
Regards~~~
-Sujing
_______________________________________________
Hipsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/hipsec
