Question on Diffie-Hellman and key derivation from Mark Watson on 2013-12-02 (public-webcrypto@w3.org from December 2013)

From: Mark Watson <watsonm@netflix.com>
Date: Mon, 2 Dec 2013 14:06:42 -0800
To: "public-webcrypto@w3.org" <public-webcrypto@w3.org>
Message-ID: <CAEnTvdBNdbqbK-ncRinujNq7PmEeWZKUJC-rvCYDoVabm0OsOQ@mail.gmail.com>

All,

I have a rather basic question about how Diffie-Hellman is supposed to work
in the current draft. I scoured the archives, and whilst there is plenty of
discussion of and around this issue, nowhere does there seem to be an
answer.

The question is, when executing the second DH step, by feeding in the peer
public value to deriveKey, what is the output ? Is it:
(a) a Key object that represents the raw shared secret bits that are the
output of the DH operation, or
(b) a Key object that represents a usable key for some other WebCrypto
algorithm (say AES-GCM)

If (a), what should be specified as the derivedKeyType parameter to
deriveKey ? null ?

If (b), where are the key derivation algorithm and its parameters specified
that derive the key from the raw shared secret bits ?

...Mark

Received on Monday, 2 December 2013 22:07:10 UTC