@techreport{grewal-aes-gcm-bifurcated-key-00,
	number =	{draft-grewal-aes-gcm-bifurcated-key-00},
	type =		{Internet-Draft},
	institution =	{Internet Engineering Task Force},
	publisher =	{Internet Engineering Task Force},
	note =		{Work in Progress},
	url =		{https://datatracker.ietf.org/doc/html/draft-grewal-aes-gcm-bifurcated-key-00},
        author =	{Ken Grewal and Men long},
	title =		{{AES-GCM using two independent keys}},
	pagetotal =	9,
	year =		2010,
	month =		jun,
	day =		28,
	abstract =	{This document describes modifications to the AES-GCM algorithm to allow separation of the data authenticity and data confidentiality keys, while preserving the performance benefits of the algorithm. When AES-GCM is applied to network protocols such as IPsec and TLS, separation of these keys allows the data confidentiality key to be shared with trusted intermediary nodes on the network, while preserving the data authenticity functions in an end-to-end manner. The current definition of AES-GCM uses a single key for confidentiality and authenticity hence it is not possible to share the key with trusted network nodes, without compromising the data authenticity functions.},
}