First round of my stupid questions about NTS
Richard Laager
rlaager at wiktel.com
Sat Jan 19 02:17:11 UTC 2019
On 1/18/19 8:05 PM, Gary E. Miller via devel wrote:
> Section 5.1, they come from RFC 5706 using the PRF() function.
Agreed.
> The question is where the master key used by PRF() comes from.
That comes from the TLS session. See RFC 5705's mentions of "TLS master
secret". For more specifics, note that the code in RFC 5705 section 5.1
uses master_secret, client_random, and server_random out of something
called SecurityParameters, and then see RFC 5246, section 6.1,
especially page 16 and 17:
https://tools.ietf.org/html/rfc5246#section-6.1
struct {
ConnectionEnd entity;
PRFAlgorithm prf_algorithm;
BulkCipherAlgorithm bulk_cipher_algorithm;
CipherType cipher_type;
uint8 enc_key_length;
uint8 block_length;
uint8 fixed_iv_length;
uint8 record_iv_length;
MACAlgorithm mac_algorithm;
uint8 mac_length;
uint8 mac_key_length;
CompressionMethod compression_algorithm;
opaque master_secret[48];
opaque client_random[32];
opaque server_random[32];
} SecurityParameters;
--
Richard
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20190118/4d4e68ff/attachment.bin>
More information about the devel
mailing list