Wednesday, 14 March 2012

Due to hashing of HMAC function

Due to hashing of HMAC function, they are restricted to certain block sizes that will have 
an effect on the resulting key size. If a hash algorithm has a block size of 8 bytes, but the 
requirement of the final key is 30 bytes, the PRF has to be used four times into itself, 
combining the results and taking the most significant bits to produce the necessary key. The 
following is an example based on the creation of the pre-shared secret SKEYID, in which 
each Bx is one resulting block of 8 bytes.  
B1 = prf (pre-shared-key, nonce_i | nonce_r)  
Such operation  was previously defined as equaling the SKEYID. However, that would 
result in a key 4 times too small.  
B2 = prf (pre-shared-key, B1 | nonce_i | nonce_r)  
B3 = prf (pre-shared-key, B2 | nonce_i | nonce_r)  
B4 = prf (pre-shared-key, B3 | nonce_i | nonce_r)  
With four 8-byte keys, one can combine them and use the most significant number of bits 
necessary to create the final key. In this example, the final key is equal to 32 bytes; therefore, 
one takes the first 30 bytes of the result of combining the pre-calculated blocks of 8 bytes:  
SKEYID = (!30 (B1 | B2 | B3 | B4))  
The same process is applicable to other key generation operations. As the three constant 
keys are created (_a, _e, and _d), they must be increased to accommodate the encryption 
algorithm. For example, the creation of SKEYID_d, the first of the three to be computed:  
B1 = prf ( SKEYID, DH_key | cookie_i | cookie_r | 0)  
B2 = prf ( SKEYID, B1 | DH_key | cookie_i | cookie_r | 0)  
B3 = prf ( SKEYID, B2 | DH_key | cookie_i | cookie_r | 0)  
B4 = prf ( SKEYID, B3 | DH_key | cookie_i | cookie_r | 0)  
Once the blocks are created, one can combine the results and take the first 30 bytes for a 
SKEYID_d = (!30 (B1 | B2 | B3 | B4))  

No comments:

Post a Comment

Note: only a member of this blog may post a comment.