At 9:58 AM +0300 10/30/09, Valery Smyslov wrote: >Hi all, > >I'd like to reiterate my early message, which I haven't got answer to. >My concerns are: > >1. How padding pre-sahred key with string "Key Pad for IKEv2" > could help to avoid storing pre-shared key in IKE implementation > if prf is not known untill IKE_SA_INIT exchange is finished?
The PRF (or set of PRFs) is known by the receiving party. If the two parties always only use one PRF, it is known. The padding is not a universal solution for the reasons you give, but it works in the common case of peers who know each other's crypto choices. >2. It is a bit unclear whether EAP generated key should also > be padded before use in IKE, or used directly. I'm pretty sure the key is used in its PRF form, not in its "as is" form, but I would want to hear from one or two implementers on that. --Paul Hoffman, Director --VPN Consortium _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
