<snip>
> >
> > Hmmm. If an application requires more than one
key, would
> > there really be a case where creation of a root
AMSK and
> > subsequent keys from that root AMSK not work? I'm
wondering
> > why you need to create multiple AMSKs for the same
> > application directly from the EMSK. I'd
personally like to
> > have no more than one key coming out of the EMSK
for the same
> > key label (unique per application) in AMSK
derivation.
>
> Lets get to right down to the label(s). If I have an
> application called
> foo, can I generate two AMSKs as follows:
>
> AMSK-FOO-A = KGF(EMSK,"FOO-A" | ......)
> AMSK-FOO-B = KGF(EMSK,"FOO-B" | ......)
>
> I don't know why an application FOO would like to do
this. Maybe FOO
> application is really two applications.
>
> But the point is, from a security perspective why does
it matter?
>
[Joe] As long as there is not caching required between
AMSK-FOO-A and
AMSK-FOO-B, I'm not sure it really matters. The argument
against it is
that it may encourage caching and there really isn't a
reason why you
couldn't derive the two keys lower in the hierachy (except
perhaps for
efficiency). For what its worth in the original EMSK usage
draft
(http://bgp.potaroo.net/ietf/all-ids/draft-
salowey-eap-key-deriv-02.txt)
we had the following prototype for the KDF:
AMSK = KDF(EMSK, key label, optional application data,
length
____________________________________________________________
_____
To unsubscribe or modify your subscription options, please
visit:
http:/
/lists.frascone.com/mailman/listinfo/eap
Arhives: http://lists.
frascone.com/pipermail/eap
|