Technical Summary
This document specifies a simple HMAC-based key derivation function
(HKDF) which can be used as a building block in various protocols and
applications. The KDF is intended to support a wide range of
applications and requirements, and is conservative in its use of
cryptographic hash functions.

Working Group Summary
This document was not the product of any working group.
However, this KDF is already specified in several standards-track
RFCs produced by IETF working groups, including IKEv2 (RFC 4306),
PANA (RFC 5191) and EAP-AKA (RFC 5448).

In addition, the CFRG reviewed this document at the request
of the sponsoring AD. The discussion was lively, but focused
on additional functionality that could be considered. The CFRG
did not identify any changes that were required.

Document Quality
This KDF is widely implemented and used in the context of
specific IETF protocols, especially those that rely on IKEv2.

Personnel
Tim Polk is the Document Shepherd for this document and the
Responsible Area Director.

RFC Editor Note
Please make the following substitutions:

Section 1:
OLD:
It is not intended as a call to change existing protocols.
NEW:
It is not intended as a call to change existing protocols,
and does not change or update existing specifications using
this KDF.

Section 2.2:
OLD:
PRK = HKDF-Extract(salt, IKM)
NEW:
HKDF-Extract(salt, IKM) -> PRK

Section 2.3:
OLD:
OKM = HKDF-Expand(PRK, info, L)
NEW:
HKDF-Expand(PRK, info, L) -> OKM