Re: A Method of Session Key Generation

craig mcmillan (craig@jcp.co.uk)
Thu, 28 Jan 1999 13:32:13 +0000

• Next message: Mok-Kong Shen: "Re: A Method of Session Key Generation"
• Previous message: Marcus Watts: "Re: A Method of Session Key Generation"
• In reply to: Mok-Kong Shen: "A Method of Session Key Generation"
• Next in thread: Mok-Kong Shen: "Re: A Method of Session Key Generation"
• Reply: Mok-Kong Shen: "Re: A Method of Session Key Generation"
• Reply: Mok-Kong Shen: "Re: A Method of Session Key Generation"

examine the tls session keygen algorithm:

http://www.ietf.org/internet-drafts/draft-ietf-tls-protocol-06.txt

you need to explicitly introduce some entropy into the
plaintext conversation used to negotiate the encrypted channel,
or you will lend up with the same session key each time. tls
also combines the output from sha-1 and md5 hashes, in
the hope that should either, but not both, become insecure then
it's keygen algorithm will continue to be secure.

c

At 09:48 28/01/99 +0100, Mok-Kong Shen wrote:
>Generation of session keys appears to be comparatively little
>treated in the literature. I like to propose the following simple
>scheme:
>
> Hash all previously processed plaintexts. Encrypt the hash with
> a masterkey to obtain the current session key.

pgp public key available from keyservers everywhere
key id: 0xE32C8445
fingerprint: 8F94 59A7 B7D3 50B7 9EE1 FB90 70E9 30A9 E32C 8445

• Next message: Mok-Kong Shen: "Re: A Method of Session Key Generation"
• Previous message: Marcus Watts: "Re: A Method of Session Key Generation"
• In reply to: Mok-Kong Shen: "A Method of Session Key Generation"
• Next in thread: Mok-Kong Shen: "Re: A Method of Session Key Generation"
• Reply: Mok-Kong Shen: "Re: A Method of Session Key Generation"
• Reply: Mok-Kong Shen: "Re: A Method of Session Key Generation"