Cryptography Reference
In-Depth Information
are each used, along with the HMAC algorithm specifi ed in Chapter 4, to gen-
erate an arbitrary quantity of output independently. Then the results of both
the MD5 HMAC and the SHA HMAC are XORed together to produce the fi nal
result. The secret is split up so that the MD5 routine gets the fi rst half and the
SHA routine gets the second half:
Consider using the triple (“abcd”, “efgh”, “ijkl” ) to generate 40 bytes of output
through the PRF as shown in Figure 6-7.
secret
label
seed
“abcd”
“efgh”
“ijkl”
PRF
½ secret, label + seed
“ab”, “efghijkl”, 40
½ secret, label + seed
“cd”, “efghijkl”, 40
P_MD5
P_SHA1
final result
Figure 6-7: TLS's pseudo-random function
So what are these P_MD5 and P_SHA1 blocks that are XORed together to pro-
duce the fi nal result? Well, if you recall from Chapter 4, MD5 produces 16 bytes
of output, regardless of input length, and SHA-1 produces 20. If you want to
produce an arbitrary amount of data based on the secret, the label, and the
seed using these hashing algorithms, you have to call them more than once. Of
course, you have to call them with different data each time, otherwise you get
the same 16 bytes back each time. P_[MD5|SHA1] actually use the HMAC algo-
rithm, again, to produce the input to the fi nal HMAC algorithm. So what goes
into the HMAC algorithms that go into the HMAC algorithms? More HMAC
 
Search WWH ::




Custom Search