TLS HMAC key bit-length
Nick Mathewson
nickm at freehaven.net
Sat Mar 3 22:11:56 UTC 2007
On Sat, Mar 03, 2007 at 12:23:56PM -0500, James Muir wrote:
> Does anyone know the bit-length of the symmetric keys used in HMAC after
> two nodes establish a TLS session? I've tried to discover this from the
> specs, source code and using various "openssl s_client" commands, but no
> luck.
Check out section 6.3 of RFC2246: the MAC secrets are derived from the
first 2*SecurityParmeters.hash_size bytes of the generated key block.
So this will be 20 bytes if the hash is SHA-1, etc.
hth,
--
Nick Mathewson
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 652 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20070303/58f68ea8/attachment.pgp>
More information about the tor-talk
mailing list