- From: Pratik Datta <pratik.datta@oracle.com>
- Date: Mon, 17 Oct 2011 13:08:26 -0700 (PDT)
- To: Magnus Nystrom <mnystrom@microsoft.com>, "XMLSec WG Public List (public-xmlsec@w3.org)" <public-xmlsec@w3.org>
Even the original Diffie Helman of XML encryption 1.0, which we now call "legacy KDF" does not have keydatalen. So I think we should not have KeyLength anywhere. Another thing to compare with is wsc:DerivedKeyToken http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512/ws-secureconversation-1.3-os.html#_Toc162064057 Here the /wsc:DerivedKeyToken/wsc:Length is optional Pratik -----Original Message----- From: Magnus Nystrom [mailto:mnystrom@microsoft.com] Sent: Monday, October 17, 2011 10:03 AM To: Pratik Datta; XMLSec WG Public List (public-xmlsec@w3.org) Subject: RE: In XML encryption 1.1, the PBKDF2-params/KeyLength is superfluous True. Perhaps we should instead add the KeyDatalen to ConcatKDF (at least as an optional?)? I am a little wary at doing any changes to the schema at this late point though given that what we have apparently works - but I can see the inconsistency. I'd rather not change the PBKDF2 schema though since we currently have alignment with the schema for PKCS #5 - the same elements & attributes. -- Magnus > -----Original Message----- > From: Pratik Datta [mailto:pratik.datta@oracle.com] > Sent: Monday, October 17, 2011 9:25 AM > To: Magnus Nystrom; XMLSec WG Public List (public-xmlsec@w3.org) > Subject: RE: In XML encryption 1.1, the PBKDF2-params/KeyLength is > superfluous > > Even for ConcatKDF, "keydatalen" is a required input to the algorithm. > But we don't have that as a parameter for ConcatKDF. It needs to be inferred. > > Pratik > > -----Original Message----- > From: Magnus Nystrom [mailto:mnystrom@microsoft.com] > Sent: Monday, October 17, 2011 8:57 AM > To: XMLSec WG Public List (public-xmlsec@w3.org) > Subject: RE: In XML encryption 1.1, the PBKDF2-params/KeyLength is > superfluous > > Pratik wrote: > > > Can we remove the KeyLength parameter in PBKDF2 ? > > In the other two key derivation functions - ConcatKDF and > > LegacyKeyDerivation, the length of the key to be derived is not specified , > rather it needs to be inferred from the context. We should have PBKDF2 also > behave similarly. > > I don't see how one could do this as the KeyLength is an integral part of the > PBKDF2 algorithm. For example, it is used to determine how many blocks of > hash output that is required. I'd recommend not trying to change this at this > point. > > -- Magnus > >
Received on Monday, 17 October 2011 20:09:12 UTC