See more on Chunks in general.

Generational Key

The purpose of a generational key is to introduce another key, as for a session key, without the size of a full 16 bytes of literal key material.

The payload is two uintV values. The first is the instance number of the KEYD chunk of the base key. The second is the generation number.

The generational key algorithm is as follows: CrypHash ("generational" || generation || basekey).

The generation needs to be expressed in a canonocal form, since the encoding of values in a uintV is not unique. To this end, we specify that the generation byte-string in the formula above is the big-endian representation of the integer with all leading zero bytes removed.


Valid HTML 4.01!

Page content copyright 2003 by John M. Dlugosz. Home:http://www.dlugosz.com, email:mailto:john@dlugosz.com