On Thu, Mar 31, 2011 at 9:34 AM, Alejandro Perez Mendez <[email protected]> wrote:
> Maybe this is just a stupid question, but do they really need to maintain
> state of the entire conversation? I mean, both parties could just maintain
> the result of a hash over the conversation so far, built in an iterative
> way. Something like this:
>
>   state' = hash (state, new_message)
>
> At the end of the conversation, they could compute GSS_mic over the state.
>
> Maybe the overload of computing such hashes is worse than the memory needed
> to store the entire state.

That's what TLS does.  It's clever, and it works, but you get into hash
agility issues.  If you need to negotiate a hash function (and you
will), then you find yourself back at square #1 because at least for
the first N messages, where N >= 1 (but probably N == 1), you don't know
what the hash algorithm will be.  Either you use all your hash
functions (whoops! slow!) or you hold the message(s) in memory
(expensive).  The good news is that most new phones and such devices
have enough memory for this (and then some).

Nico
--
_______________________________________________
abfab mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/abfab
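
The trade-off discussed in this thread, as an added example that is not part of either message: a running state' = hash(state, new_message) that holds the early message(s) in memory until the hash function is negotiated, then replays them and drops the buffer. HMAC stands in for the GSS MIC, and the class name, the allowed-hash set and the sample messages are assumptions made for illustration.

```python
import hashlib
import hmac

ALLOWED = {"sha256", "sha384"}  # assumed negotiable set, not from the thread

class Transcript:
    """state' = hash(state, new_message), buffering until the hash is known."""
    def __init__(self):
        self.hash_name = None  # unknown for the first N messages
        self.state = b""
        self.pending = []      # the message(s) held in memory meanwhile

    def _absorb(self, message):
        h = hashlib.new(self.hash_name)
        # Fixed-size state plus a length prefix keeps the encoding unambiguous.
        h.update(self.state + len(message).to_bytes(4, "big") + message)
        self.state = h.digest()

    def add(self, message):
        if self.hash_name is None:
            self.pending.append(message)
        else:
            self._absorb(message)

    def negotiate(self, hash_name):
        if self.hash_name is not None or hash_name not in ALLOWED:
            raise ValueError("hash already fixed or not allowed")
        self.hash_name = hash_name
        self.state = bytes(hashlib.new(hash_name).digest_size)  # all-zero start
        for message in self.pending:  # replay the buffered messages once
            self._absorb(message)
        self.pending = []

    def mic(self, key):
        if self.hash_name is None:
            raise ValueError("no hash negotiated, transcript not bound")
        # HMAC is a stand-in for GSS_GetMIC over the final state (assumption).
        return hmac.new(key, self.state, self.hash_name).digest()

def run_party(messages, hash_name, known_after=1):
    """Feed a conversation; the hash becomes known after `known_after` messages."""
    t = Transcript()
    for i, message in enumerate(messages, start=1):
        t.add(message)
        if i == known_after:
            t.negotiate(hash_name)
    return t

MESSAGES = [b"offer: sha256,sha384", b"choose: sha256", b"token-1"]  # constructed
```

Because the first message is part of the replayed transcript, altering the offered hash list in transit changes the final state and the MIC no longer matches.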
