"Leichter, Jerry" <[EMAIL PROTECTED]> writes: >All of this ignores a significant issue: Are keying and encryption (and >authentication) mechanisms really independent of each other? I'm not aware of >much work in this direction.
Is there much work to be done here? If you view the keyex mechanism as a producer of an authenticated blob of shared secrecy and the post-keyex portions (data transfer or whatever you're doing) as a consumer of said blob, with a PRF as impedance-matcher (as is done by SSL/TLS, SSH, IPsec, ..., with varying degrees of aplomb, and in a more limited store-and-forward context PGP, S/MIME, ...), is there much more to consider? Peter. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]