[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [pkcs11] Groups - Flexible KDF Draft 1 uploaded
Hi Darren, thank you for the clarification. I’m wondering how additional CK_FKDF_COUNTER are working. Are they all incremented simultaneously or is counter n+1 an “overflow” of
counter n? If the former: do all counters have to be big enough to generate the key (i.e. store the number of rounds) or is this a requirement for only the first counter or at least one counter? Best regards, Daniel From: pkcs11@lists.oasis-open.org [mailto:pkcs11@lists.oasis-open.org]
On Behalf Of Johnson Darren Hi Dieter, I believe most of your comments were editorial mistakes on my part. You had one question about the following text, which I agree does not make sense. This mechanism requires that at least one CK_FKDF_DATA_PARAM of type CK_FKDF_COUNTER must be defined. Beyond that requirement, any number of CK_FKDF_DATA_PARAM
structures can be defines as was as any number of duplicate types and values.
It should be the following, which is supposed to explain any number and combination of data parameters are allowed, including parameters with the
same type and values. The algorithm does not care as it simply concatenates them together.
This mechanism requires that at least one CK_FKDF_DATA_PARAM of type CK_FKDF_COUNTER must be defined. Beyond that requirement, any number of CK_FKDF_DATA_PARAM
structures can be defined as well as any number of duplicate types and values. For the counter… the counter value defined in CK_FKDF_COUNTER_PARAM is used to define the initial counter value. The KDF is an iterative algorithm
produce a block of output from the PRF each iteration and the counter is incremented internal to the KDF as each iteration is performed. The number of iterations required is defined by the size of the PRF output and the size and number of keys you want to
derive. The counter is used to ensure that each block of output is unique from the previous block. How the counter is used and incremented is defined in SP800-108, but I could include some more text in my proposal to clarify that if you think it is worthwhile. Thanks for you feed back, and I’ll upload an updated version after I incorporate all of the comments. Darren From:
pkcs11@lists.oasis-open.org [mailto:pkcs11@lists.oasis-open.org]
On Behalf Of Dieter Bong Hi Darren, that’s an interesting proposal. I have included a few minor comments and questions in the document itself, please check the track changes and comments. The most
important question for me is: When passing (a pointer to) a CK_FKDF_COUNTER_PARAM structure, is C_Derive supposed to increment that counter after using for key derivation? Or is the application supposed to increment the counter after C_Derive has returned?
Please clarify. Thanks, Dieter From:
pkcs11@lists.oasis-open.org [mailto:pkcs11@lists.oasis-open.org]
On Behalf Of Darren Johnson Submitter's message
This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure,
either whole or partial, is prohibited. Utimaco IS GmbH Germanusstr. 4, D.52080 Aachen, Germany, Tel: +49-241-1696-0, www.utimaco.com Seat: Aachen – Registergericht Aachen HRB 18922 VAT ID No.: DE 815 496 496 Managementboard: Malte Pollmann (Chairman) CEO, Dr. Frank J. Nellissen CFO This communication is confidential. We only send and receive email on the basis of the terms set out at https://www.utimaco.com/en/e-mail-disclaimer/ |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]