Re: key retention service: DH support

On Tuesday, 24 May 2016, 08:04:28, David Howells wrote:

Hi David,

> Stephan Mueller <smueller@xxxxxxxxxx> wrote:
> > With the new DH support for the key retention service, support for DH
> > derived keys pops up.
> > 
> > The implementation in security/keys/dh.c returns the DH shared secret
> > straight to the user space caller.
> > 
> > I implemented a KDF with that exact scenario already in mind: [1].
> > 
> > I am wondering whether the shared secret should be processed by a KDF
> > before returning the data to user space?
> > 
> > [1] http://www.chronox.de/kdf.html
> 
> Adding Mat to the cc list.  If we want to modify the new DH keyctl, we have
> a very short time window in which to do so.

The KDF patches are fully tested. All that would be needed on the key 
retention side after the shared secret generation are the following calls:

/* instantiate the KDF through the kernel RNG API */
kdf = crypto_alloc_rng(NAME, 0, 0);
if (IS_ERR(kdf))
        return PTR_ERR(kdf);

/* seed the KDF with the DH shared secret (byte length, not sizeof a pointer) */
ret = crypto_rng_reset(kdf, <shared_secret>, <shared_secret_len>);

/* derive outbuflen bytes of key material bound to LABEL */
if (!ret)
        ret = crypto_rng_generate(kdf, LABEL, sizeof(LABEL), outbuf, outbuflen);

crypto_free_rng(kdf);

NAME would be the KDF type, such as "kdf_ctr(hmac(sha256))".

LABEL would be an arbitrary string defined by the key service (e.g. 
"LxKeyRet").

Ciao
Stephan
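A user-space model of what those three calls compute, added as an example for this archive page (it is not Stephan's kdf patches nor kernel code): a counter-mode KDF with HMAC-SHA256 as the PRF, seeded with the DH shared secret and bound to the label "LxKeyRet". The fixed-input layout (32-bit big-endian counter followed by the label) and the sample secret are assumptions for the example.

```python
import hashlib
import hmac
import struct

HASH = hashlib.sha256
PRF_OUT_LEN = HASH().digest_size  # 32 bytes for SHA-256


def kdf_ctr(shared_secret: bytes, label: bytes, out_len: int) -> bytes:
    """Counter-mode KDF (SP 800-108 style) with HMAC-SHA256 as the PRF.

    Block i is HMAC(shared_secret, [i]_2 || label) for i = 1, 2, ... with a
    32-bit big-endian counter; blocks are concatenated and truncated to
    out_len. This fixed-input layout is an assumption of the example and is
    not claimed to be byte-identical to any kernel kdf_ctr implementation.
    """
    if out_len <= 0:
        raise ValueError("out_len must be positive")
    n_blocks = -(-out_len // PRF_OUT_LEN)  # ceiling division
    if n_blocks > 0xFFFFFFFF:
        raise ValueError("output too long for a 32-bit counter")
    blocks = []
    for i in range(1, n_blocks + 1):
        fixed_input = struct.pack(">I", i) + label
        blocks.append(hmac.new(shared_secret, fixed_input, HASH).digest())
    return b"".join(blocks)[:out_len]


def derive_from_dh(shared_secret: bytes, out_len: int,
                   label: bytes = b"LxKeyRet") -> bytes:
    """Post-process a DH shared secret before handing it to a caller.

    Models the alloc / reset-with-secret / generate-with-label sequence
    from the mail. An empty secret is rejected rather than silently keying
    the PRF with nothing.
    """
    if not shared_secret:
        raise ValueError("empty shared secret")
    return kdf_ctr(shared_secret, label, out_len)


# Constructed sample: 256 bytes standing in for a 2048-bit DH result.
# Not a real DH output.
SAMPLE_SECRET = bytes(range(256))

if __name__ == "__main__":
    key_material = derive_from_dh(SAMPLE_SECRET, 48)
    print(key_material.hex())
    # The caller receives PRF output, never the raw shared secret.
    assert key_material != SAMPLE_SECRET[:48]
```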
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html