iSCSI: nits on SRP text key lengths

To: ips@ece.cmu.edu
Subject: iSCSI: nits on SRP text key lengths
From: Paul Koning <ni1d@arrl.net>
Date: Wed, 10 Apr 2002 16:51:34 -0400
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=us-ascii
Sender: owner-ips@ece.cmu.edu

The current draft talks about the length of the various binary data
keys used with SRP.  The length limit is given as 1024 bytes, i.e.,
8192 bits, for all of the binary data items.

8192 makes sense only if we allow a field modulus of that size, which
doesn't make a whole lot of sense.  If the groups are limited to those
defined in IKE, then the size limit becomes 1024 bits = 128 bytes.  If
the groups defined in the ips-security draft are also allowed, then
the size limit is 2048 bits = 256 bytes.

The H(...) key in SRP is a SHA-1 hash output, which means its size
must be exactly 20 bytes.

     paul

Prev by Date: iSCSI: DH-CHAP initial comments
Next by Date: RE: iSCSI: nits on SRP text key lengths
Prev by thread: iSCSI: DH-CHAP initial comments
Next by thread: RE: iSCSI: nits on SRP text key lengths
Index(es):
- Date
- Thread

Home

Last updated: Wed Apr 10 17:18:21 2002
9581 messages in chronological order