commit 2ad5540a7ee5ad2cef9a691dcd24687774dcf4a3 parent 34709ff00d670ac2ed286e2e8237a22f72d0acd0 Author: Martin Schanzenbach <mschanzenbach@posteo.de> Date: Wed, 23 Sep 2020 17:52:14 +0200 cleanup Diffstat:
| M | draft-schanzen-gns.xml | | | 67 | +++++++++++++++++-------------------------------------------------- |
1 file changed, 17 insertions(+), 50 deletions(-)
diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml @@ -303,31 +303,14 @@ zk' := h mod L * zk We use a hash-based key derivation function (HKDF) as defined in <xref target="RFC5869" />. We use HMAC-SHA512 for the extraction phase and HMAC-SHA256 for the expansion phase. + "PRK_h" is key material retrieved using an HKDF using the string + "key-derivation" as salt and the public zone key "zk" as initial + keying material. + "h" is the 512-bit HKDF expansion result. The expansion info input is + a concatenation of the label and string "gns". + "label" is a UTF-8 string under which the resource records are + published. </t> - <dl> - <dt>PRK_h</dt> - <dd> - is key material retrieved using an HKDF using the string - "key-derivation" as salt and the public zone key "zk" as initial - keying material. - </dd> - <dt>h</dt> - <dd> - is the 512-bit HKDF expansion result. The expansion info input is a - concatenation of the label and string "gns". - </dd> - <dt>d</dt> - <dd> - is the 256-bit private zone key as defined in <xref target="zone_type_pkey" />. - </dd> - <dt>label</dt> - <dd>is a UTF-8 string under which the resource records are published. - </dd> - <dt>L</dt> - <dd> - is the prime-order subgroup as defined in <xref target="zone_type_pkey" />. - </dd> - </dl> <t> We point out that the multiplication of "zk" with "h" is a point multiplication, while the multiplication of "d" with "h" is a scalar multiplication. @@ -417,33 +400,17 @@ zk' := h mod L * zk We use a hash-based key derivation function (HKDF) as defined in <xref target="RFC5869" />. We use HMAC-SHA512 for the extraction phase and HMAC-SHA256 for the expansion phase. + "PRK_h" is key material retrieved using an HKDF using the string + "key-derivation" as salt and the public zone key "zk" as initial + keying material. + "h" is the 512-bit HKDF expansion result. The expansion info input is + a concatenation of the label and string "gns". + The result of the HKDF must be clamped. + "a" is the 256-bit integer correspinding to the 256-bit private zone + key d as defined in <xref target="zone_type_edkey" />. + "label" is a UTF-8 string under which the resource records are + published. </t> - <dl> - <dt>PRK_h</dt> - <dd> - is key material retrieved using an HKDF using the string - "key-derivation" as salt and the public zone key "zk" as initial - keying material. - </dd> - <dt>h</dt> - <dd> - is the 512-bit HKDF expansion result. The expansion info input is a - concatenation of the label and string "gns". - The result of the HKDF must be clamped. - </dd> - <dt>a</dt> - <dd> - is the 256-bit integer correspinding to the 256-bit private zone - key d as defined in <xref target="zone_type_edkey" />. - </dd> - <dt>label</dt> - <dd>is a UTF-8 string under which the resource records are published. - </dd> - <dt>L</dt> - <dd> - is the prime-order subgroup as defined in <xref target="zone_type_pkey" />. - </dd> - </dl> <t> We point out that the multiplication of "zk" with "h" is a point multiplication, while the multiplication of "a" with "h" is a scalar multiplication.