Re: key retention service: DH support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Stephan Mueller <smueller@xxxxxxxxxx> wrote:

> With the new DH support for the key retention service, support for DH derived 
> keys pops up.
> 
> The implementation in security/keys/dh.c returns the DH shared secret straight 
> to the user space caller.
> 
> I implemented a KDF with that exact scenario already in mind: [1].
> 
> I am wondering whether the shared secret should be processed by a KDF before 
> returning the data to user space?
> 
> [1] http://www.chronox.de/kdf.html

Adding Mat to the cc list.  If we want to modify the new DH keyctl, we have a
very short time window in which to do so.

David
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux