+1 I support adoption of generalising the use of PRFs and KDFs with extensible output in all protocols.
I think it would be good to differentiate between PRFs and KDFs. CMAC is for example a good PRF but a quite bad KDF. In a KDF you want collision- and preimage-resistance to avoid that a party controlling the inputs is able make keys predictable or (partially) identical [1]. [1] Ericsson comments on SP 800-38B https://csrc.nist.gov/csrc/media/Projects/crypto-publication-review-project/documents/initial-comments/sp800-38b-initial-public-comments-2024.pdf Cheers, John From: Ben S3 <[email protected]> Date: Friday, 29 August 2025 at 12:14 To: Tero Kivinen <[email protected]>, [email protected] <[email protected]> Subject: [IPsec] Re: WG Adoption call for draft-smyslov-ipsecme-ikev2-prf-plus I support adoption of this document. We support generalising the use of PRFs with extensible output in IKEv2 and would provide comments and feedback from the perspective of using KMAC. Ben -----Original Message----- From: Tero Kivinen <[email protected]> Sent: 22 August 2025 18:36 To: [email protected] Subject: [IPsec] WG Adoption call for draft-smyslov-ipsecme-ikev2-prf-plus This will start four week adoption call for draft-smyslov-ipsecme-ikev2-prf-plus [1]. The adoption call will end at 2025-09-21, and if you support adopting this document as working group document send your support and comments to the working group list. [1] https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-smyslov-ipsecme-ikev2-prf-plus%2F&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C4a23278f013544fbc47308dde6e4e2a0%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638920592911560430%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=vwS24Bh6EjqdUkKvtidKgDA649XWBKhQCy5Eu%2F7TVy4%3D&reserved=0<https://datatracker.ietf.org/doc/draft-smyslov-ipsecme-ikev2-prf-plus/> -- [email protected] _______________________________________________ IPsec mailing list -- [email protected] To unsubscribe send an email to [email protected] _______________________________________________ IPsec mailing list -- [email protected] To unsubscribe send an email to [email protected]
_______________________________________________ IPsec mailing list -- [email protected] To unsubscribe send an email to [email protected]
