christoph-lucas / bifrost


Devise cipher suites #60

Open bjoerntm opened 7 years ago

bjoerntm commented 7 years ago

We currently do ad-hoc key derivation for finite field DH.

Going forward, we should probably devise cipher suites that consist of appropriate methods for, e.g., key exchange and key derivation, so that one can simply choose a given cipher suite for a certain security level. (Basically: certain cryptographic schemes of appropriate security levels bundled together.)

bjoerntm commented 7 years ago

We can use the lowermost 1024 bits in the 2048-bit group and still get almost 512 bits of security in extraction. (This has to be checked carefully for each group and should probably be a parameter.)

bjoerntm commented 7 years ago

If we introduce cipher suites generically, we should in particular get rid of the `MINIMUM_KEY_LENGTH_IN_BYTES = 64` in the class `api.keyexchage.Key`, since this is to be determined by the cipher suite.

bjoerntm commented 7 years ago

Extraction should be an explicit step; the DH key exchange can dump the full DH key, and then we use, e.g., a `PostfixExtractor` that only uses the lowermost bits.
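
The explicit extraction step and a suite-owned minimum key length, as discussed in this thread, shown as an added example that is not bifrost's code. Apart from `PostfixExtractor` and the value 64, every name here (the `Extractor` interface, the `CipherSuite` record, the suite name) is hypothetical, and it assumes Java 16+ for records.

```java
import java.math.BigInteger;

// Hypothetical names throughout; only PostfixExtractor is named in the thread.
public class CipherSuiteExample {

    /** Explicit extraction step: full DH shared secret in, key material out. */
    interface Extractor { byte[] extract(BigInteger sharedSecret); }

    /** Keeps only the lowermost outputBits bits of the shared secret. */
    static final class PostfixExtractor implements Extractor {
        private final int groupBits, outputBits;
        PostfixExtractor(int groupBits, int outputBits) {
            if (outputBits <= 0 || outputBits % 8 != 0 || outputBits > groupBits)
                throw new IllegalArgumentException("bad extraction length");
            this.groupBits = groupBits; this.outputBits = outputBits;
        }
        @Override public byte[] extract(BigInteger s) {
            if (s.signum() <= 0 || s.bitLength() > groupBits)
                throw new IllegalArgumentException("secret outside group range");
            // toByteArray() is variable length (sign byte, stripped leading zeros),
            // so copy right-aligned into a fixed-width buffer.
            byte[] raw = s.toByteArray();
            byte[] out = new byte[outputBits / 8];
            int n = Math.min(raw.length, out.length);
            System.arraycopy(raw, raw.length - n, out, out.length - n, n);
            return out;
        }
    }

    /** The suite, not the Key class, owns the group size and minimum key length. */
    record CipherSuite(String name, int groupBits, Extractor extractor, int minKeyBytes) {
        byte[] keyMaterial(BigInteger sharedSecret) {
            byte[] k = extractor.extract(sharedSecret);
            if (k.length < minKeyBytes)
                throw new IllegalStateException(name + ": extracted key too short");
            return k;
        }
    }

    public static void main(String[] args) {
        CipherSuite suite = new CipherSuite("FFDH2048-POSTFIX1024", 2048,
                new PostfixExtractor(2048, 1024), 64); // 64 = current MINIMUM_KEY_LENGTH_IN_BYTES
        // Constructed sample secret, not the output of a real key exchange.
        BigInteger secret = BigInteger.ONE.shiftLeft(2000).add(BigInteger.valueOf(0xABCD));
        byte[] k = suite.keyMaterial(secret);
        System.out.printf("%s: %d bytes, low 16 bits %02x%02x%n",
                suite.name(), k.length, k[k.length - 2], k[k.length - 1]);
    }
}
```

The fixed-width copy matters because both parties must derive byte-identical key material even when the shared secret happens to have leading zero bytes.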