Re: A Method of Session Key Generation

Mok-Kong Shen (mok-kong.shen@stud.uni-muenchen.de)
Thu, 28 Jan 1999 17:55:45 +0100

• Next message: Markus Kuhn: "Pentium III serial number mechanism"
• Previous message: craig mcmillan: "Re: A Method of Session Key Generation"
• In reply to: Mok-Kong Shen: "Re: A Method of Session Key Generation"
• Next in thread: David Jablon: "Re: A Method of Session Key Generation"

craig mcmillan wrote:
>
> i suspect we're writing at cross-purposes. i was assuming a session goes
> something like this:
>
> 1. begin plaintext conversation
> 2. negotiate secure mode / shared secret
> 3. generate session keys
> 4. use session keys to protect further conversation
>
> with no state rollover between subsequent sessions. in this case you need
> to include some entropy during negotiation, for use in session key generation.

Yes. My assumption is that there is no negotiation. The partner
simply generates the session key based on previous texts and
sends the encrypted message. On the other end his colleage does
the same to obtain the key to decrypt. Thus one's partner need
not necessarily be present for any dialog.

M. K. Shen

• Next message: Markus Kuhn: "Pentium III serial number mechanism"
• Previous message: craig mcmillan: "Re: A Method of Session Key Generation"
• In reply to: Mok-Kong Shen: "Re: A Method of Session Key Generation"
• Next in thread: David Jablon: "Re: A Method of Session Key Generation"