Mikey key derivation method draft->RFC
Erik Eliasson
eliasson at it.kth.se
Tue Jan 30 11:52:21 CET 2007
We implemented MIKEY before it became an RFC. We used the latest one
then, that was draft 7 as indicated by the comment just above the
incompatibility:
/* Described in draft-ietf-msec-mikey-07.txt Section 4.1.3 */
We were not aware of this change until now when Hubertus tested his
implementation of the PRF against ours.
This breaks MIKEY compatibility with older applications, and other
applications using our libmikey previous to Hubertus patch (guess noone
have used another implementation, right ;) ), but simply fixing the bug
seems like the only way to go.
Many thanks for finding it, Hubertus
--Erik, back from Munich
On Tue, 2007-01-30 at 10:43 +0100, Cesc wrote:
> I ain't keeping track on mikey ... but how come the ID and RFC version
> are incompatible? or were we implementing a veery old ID version which
> suffered many changes?
>
> On 1/30/07, hubertus.grobbel at gi-de.com <hubertus.grobbel at gi-de.com> wrote:
> >
> > Hello everybody,
> >
> > yesterday I commited a minor change to the key derivation in
> > KeyAgreement.cxx. The versions < 3157 were supporting the mikey-draft, >=
> > 3157 are now conforming the Mikey RFC. This change affects the key
> > derivation, which makes older and newer versions incompatible if
> > Mikey-functionality is used!
> >
> > But some day it had to be done... Keep that in mind, if you may run into
> > encryption-problems.
> >
> > Regards
> > Hubertus
> >
> > Hubertus Grobbel
> > Development Engineer
> > Division New Business
> > Giesecke & Devrient GmbH, Prinzregentenstr. 159, 81677 Muenchen
> > Tel. +49 89 4119-2285, Fax: +49 89 4119-9658
> > hubertus.grobbel at gi-de.com
> > http://www.gi-de.com
> >
> > _______________________________________________
> > Minisip-devel mailing list
> > Minisip-devel at minisip.org
> > http://lists.minisip.org/mailman/listinfo/minisip-devel
> >
> _______________________________________________
> Minisip-devel mailing list
> Minisip-devel at minisip.org
> http://lists.minisip.org/mailman/listinfo/minisip-devel
--
Erik Eliasson <eliasson at it.kth.se>
More information about the Minisip-devel
mailing list