Re: A Method of Session Key Generation

David Jablon (dpj@world.std.com)
Thu, 28 Jan 1999 09:32:26 -0500

• Next message: Mok-Kong Shen: "Re: A Method of Session Key Generation"
• Previous message: Mok-Kong Shen: "Re: A Method of Session Key Generation"
• In reply to: Marcus Watts: "Re: A Method of Session Key Generation"
• Next in thread: Mok-Kong Shen: "Re: A Method of Session Key Generation"
• Reply: Mok-Kong Shen: "Re: A Method of Session Key Generation"

At 09:48 AM 1/28/99 +0100, Mok-Kong Shen wrote:

> Generation of session keys appears to be comparatively little
> treated in the literature. I like to propose [...]

As others will continue to point out, there is a *lot* of
literature on the subject of negotiating session keys.
Even in the special case of negotiating a session key based
on small shared secrets, the domain of EKE-style methods,
many papers are on-line at <http://world.std.com/~dpj/links.html>.

It's not clear from your proposal whether hashing *all* prior
shared plaintext is meant to increase the entropy of the
derived key. If so, I should point out that introducing
randomness is an essential component of the strong methods.

-- dpj

• Next message: Mok-Kong Shen: "Re: A Method of Session Key Generation"
• Previous message: Mok-Kong Shen: "Re: A Method of Session Key Generation"
• In reply to: Marcus Watts: "Re: A Method of Session Key Generation"
• Next in thread: Mok-Kong Shen: "Re: A Method of Session Key Generation"
• Reply: Mok-Kong Shen: "Re: A Method of Session Key Generation"