NewPacketFormat assumes that we can generate as many keys as we want from JFK securely. Is this true? JFK uses an HMAC with 0, 1, or 2, to generate the session key or the 2 internal keys it uses, but does not explicitly document the option to generate more keys by incrementing that number - and it refers to IKE key extension if you need more bits (it does *not* say increment the number and stick them together, as you might expect). Is it safe to do what we have planned, to get separate keys for each direction and in NewPacketFormat for the IV key and HMAC key?
pgpN0DpnBtquZ.pgp
Description: PGP signature
_______________________________________________ Devl mailing list [email protected] http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
