Re: Separate keys for sending and receiving?

---

• From: "skillzero@xxxxxxxxx" <skillzero@xxxxxxxxx>
• Date: Thu, 27 Dec 2007 15:21:23 -0800 (PST)

---

On Dec 27, 2:21 pm, Kristian Gjøsteen <kristiag+n...@xxxxxxxxxxxx>
wrote:

skillz...@xxxxxxxxx <skillz...@xxxxxxxxx> wrote:

I'm generating a shared secret using SRP then hashing it with SHA-1 to
generate an AES key for use in counter mode. Is there a weakness in
using the same AES key (with different IVs) for sending and receiving?

Having two keys may make it easier to prove the protocol secure.

Would generating two AES keys hashed from the same SRP shared secret,
but with a different salt value qualify as two keys since they are
both derived from the same shared secret?
.

---

• Follow-Ups:
  • Re: Separate keys for sending and receiving?
    • From: Paul Rubin

• References:
  • Separate keys for sending and receiving?
    • From: skillzero@xxxxxxxxx
  • Re: Separate keys for sending and receiving?
    • From: Kristian Gjøsteen

• Prev by Date: Re: Separate keys for sending and receiving?
• Next by Date: Re: Separate keys for sending and receiving?
• Previous by thread: Re: Separate keys for sending and receiving?
• Next by thread: Re: Separate keys for sending and receiving?
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > sci.crypt  > 2007-12