Hi Justin,
The IKE key material including SK_px is generated, and then AUTH is
computed using SK_pi/SK_pr. This is independent of how the IKE SA was
initiated when it was first set up. So in your example, the RSA private
key is *not* used during resumption.
This is in fact a benefit of session resumption, because private key
operations are typically more expensive than computing a PRF.
Thanks,
Yaron
On 10/29/2014 04:38 PM, Justin Lai wrote:
Hi,
I am having some problems understanding how the AUTH value is calculated
during IKE_AUTH when a session is resumed using RFC 5723. Is the
AUTH value calculation always going to be AUTH = prf(SK_px, <message octets>)
regardless of the auth type used?
For example if the auth method used during login was RSA Digital Signature for
both client and gateway auth, then on session resumption, should the auth value
be computed using the RSA private key as well or should the AUTH value be
computed using prf(SK_px, <message octets>)?
Thanks
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
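
The computation discussed in this thread, as an added example that is not part of the original messages: the resumed SA's keys are derived from the old SK_d as in RFC 5723 section 5.1, and AUTH is then prf(SK_px, <message octets>) with no RSA operation on either side. Assumptions: HMAC-SHA-256 as the negotiated prf, 32-byte integrity and 16-byte encryption keys, hypothetical function names, and a constructed byte string standing in for the real <message octets>.

```python
import hashlib
import hmac

PRF_LEN = 32  # assumption: PRF_HMAC_SHA2_256 is the negotiated prf

def prf(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()

def prf_plus(key: bytes, seed: bytes, length: int) -> bytes:
    """IKEv2 prf+: T1 = prf(K, S | 0x01), Tn = prf(K, Tn-1 | S | n)."""
    if length > 255 * PRF_LEN:
        raise ValueError("prf+ is limited to 255 output blocks")
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = prf(key, block + seed + bytes([counter]))
        out += block
        counter += 1
    return out[:length]

def resumed_keys(sk_d_old, ni, nr, spi_i, spi_r, integ_len=32, encr_len=16):
    """Key material for the resumed IKE SA, seeded by the old SA's SK_d."""
    skeyseed = prf(sk_d_old, b"Resumption" + ni + nr)
    layout = [("SK_d", PRF_LEN), ("SK_ai", integ_len), ("SK_ar", integ_len),
              ("SK_ei", encr_len), ("SK_er", encr_len),
              ("SK_pi", PRF_LEN), ("SK_pr", PRF_LEN)]
    stream = prf_plus(skeyseed, ni + nr + spi_i + spi_r, sum(n for _, n in layout))
    keys, offset = {}, 0
    for name, n in layout:
        keys[name] = stream[offset:offset + n]
        offset += n
    return keys

def compute_auth(sk_px: bytes, message_octets: bytes) -> bytes:
    """AUTH = prf(SK_px, <message octets>); no private-key operation."""
    return prf(sk_px, message_octets)

def verify_auth(sk_px: bytes, message_octets: bytes, received: bytes) -> bool:
    # Constant-time comparison of the recomputed and received AUTH values.
    return hmac.compare_digest(compute_auth(sk_px, message_octets), received)

if __name__ == "__main__":
    # Constructed sample values, not taken from any real exchange.
    keys = resumed_keys(b"\x11" * 32, b"\xaa" * 32, b"\xbb" * 32, b"\x01" * 8, b"\x02" * 8)
    octets = b"constructed stand-in for the initiator's <message octets>"
    auth_i = compute_auth(keys["SK_pi"], octets)
    print("initiator AUTH:", auth_i.hex())
    print("responder accepts:", verify_auth(keys["SK_pi"], octets, auth_i))
```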