W3C home > Mailing lists > Public > ietf-tls@w3.org > July to September 1996

Re: Passphrases in or out

From: Tom Weinstein <tomw@netscape.com>
Date: Mon, 05 Aug 1996 17:11:52 -0700
Message-ID: <32068DC8.167E@netscape.com>
To: Bennet Yee <bsy@cs.ucsd.edu>
CC: Steve Petri <petri@litronic.com>, ietf-tls@w3.org
Bennet Yee wrote:
> 
> Yes, the MAC key is derived using assymetric cryptography.  In
> pricinple, however, it does not matter how it is derived -- if it is a
> shared key that is only known to the sender and receiver, then the
> security of the MAC would still hold.

This is not completely correct.  The MAC key is only as strong as the
key exchange algorithm used to create it.  In this case, 512-bit RSA,
which is nowhere near as strong as a true 128-bit secret.

-- 
You should only break rules of style if you can    | Tom Weinstein
coherently explain what you gain by so doing.      | tomw@netscape.com
Received on Monday, 5 August 1996 20:12:50 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:34:51 EDT