Hi Pieter, On 04.04.19 12:57, Pieter Hulshoff wrote:
> I understand that, but since GCM already handles both encryption and > authentication, I was wondering what the SHA-384 (which is not part of > AES-GCM) was used for. Might it indicate the PRF used for key > derivation? Are there perhaps two authentication tags used for the > control channel (GHASH and SHA-384)? Nothing OpenVPN specific, just commenting on TLS: You are exactly right that SHA384 is used as the PRF, as specified in RFC5248, i.e. PRF = P_SHA384 for the case you mentioned. Data is authenticated using GCM/AEAD, i.e., no double authentication tags or other trickery. Cheers, Joe _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
