Re: [babel] Blake2S, blake2B or neither? [was: rather than ripemd160...]
Toke Høiland-Jørgensen <toke@toke.dk> Sat, 01 December 2018 19:10 UTC
Return-Path: <toke@toke.dk>
X-Original-To: babel@ietfa.amsl.com
Delivered-To: babel@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5C83D130E2B for <babel@ietfa.amsl.com>; Sat, 1 Dec 2018 11:10:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=toke.dk
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jD6eweDfJUAe for <babel@ietfa.amsl.com>; Sat, 1 Dec 2018 11:10:38 -0800 (PST)
Received: from mail.toke.dk (mail.toke.dk [52.28.52.200]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 221C1130E23 for <babel@ietf.org>; Sat, 1 Dec 2018 11:10:38 -0800 (PST)
From: Toke Høiland-Jørgensen <toke@toke.dk>
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=toke.dk; s=20161023; t=1543691402; bh=MhA9r0tEORLVKQc96OHBxB41ZRS5X057P6krrbKu/Nk=; h=From:To:Cc:Subject:In-Reply-To:References:Date:From; b=c23ATayFRXYXkyEkVaFC5P1D9ri8/46vBYNP0VVZJ7frLtkQPMF9ZbA/C82J4raGs npy3r+E+q6qrVUsaUyh7DyJvkKwTsm3JkWQOXcNNTpDTqN9wv230lcOfCc6t8uxOO+ iUL8mpqCCAqTF9OdaxbIXwuqfq+KM1Czq5pvJjmGBfKGLMNIU6kGWM1ke0TF1MMrZC ewK79d6vPvyBr0SKjgzykbKEeRNjdwL/d0NQDTQOHvTaETjlnYikbqly37AZHMBfmI P1jqUATWOIxUDmB2iZHLBEhTDfAA0xrVYf2by1TEA3/HZSnHpjxyzHFIxKQlExaXCI dM8XUZb/KKsXQ==
To: Juliusz Chroboczek <jch@irif.fr>
Cc: Markus Stenberg <markus.stenberg@iki.fi>, Dave Täht <dave@taht.net>, babel-users <babel-users@lists.alioth.debian.org>, babel@ietf.org
In-Reply-To: <874lbxh508.wl-jch@irif.fr>
References: <CAA93jw5fHRm21yEJsabiiOF1ZP7Zh3M_gEgRo0imBOpRGhf0qA@mail.gmail.com> <87in0koun6.wl-jch@irif.fr> <87in0kx98o.fsf@toke.dk> <CAA93jw5gaYgyUX-ABX156_TnFX25Sy5SLyuRgd28fMLfRW4UHA@mail.gmail.com> <871s78x7z0.fsf@toke.dk> <2D09D61DDFA73D4C884805CC7865E6114DF44154@GAALPA1MSGUSRBF.ITServices.sbc.com> <87pnurwo5e.fsf@toke.dk> <CAPDSy+5QDu_kW-f=JWO1cPJJnDwDNpVwxwVC9SxfcE5+EOMpRg@mail.gmail.com> <87o9a9v3c6.fsf@toke.dk> <875zwhxv28.wl-jch@irif.fr> <8736rl16yj.fsf@taht.net> <87lg5cxuql.fsf@taht.net> <1C6B19AE-EAA7-4329-A364-8E4C059DAC01@iki.fi> <87woouq24j.fsf@toke.dk> <87in0e6c6v.wl-jch@irif.fr> <87o9a6pumz.fsf@toke.dk> <874lbxh508.wl-jch@irif.fr>
Date: Sat, 01 Dec 2018 20:09:59 +0100
X-Clacks-Overhead: GNU Terry Pratchett
Message-ID: <87sgzhjc6w.fsf@toke.dk>
MIME-Version: 1.0
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/PPMKL6S8aKqpkbAHVqUG4luzDoc>
Subject: Re: [babel] Blake2S, blake2B or neither? [was: rather than ripemd160...]
X-BeenThere: babel@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "A list for discussion of the Babel Routing Protocol." <babel.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/babel>, <mailto:babel-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/babel/>
List-Post: <mailto:babel@ietf.org>
List-Help: <mailto:babel-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/babel>, <mailto:babel-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 01 Dec 2018 19:10:40 -0000
Juliusz Chroboczek <jch@irif.fr> writes: >>> (1) leave the document as it is; >>> (2) add a mention that implementation of Blake2S is RECOMMENDED (SHOULD); >>> (3) add a mention that implementation of Blake2B is RECOMMENDED; >>> (4) add a mention that implementation of both 2B and 2S is RECOMMENDED. > >> I'm in favour of (2). > > Where is Blake2S-based HMAC defined? RFC 7693 merely says: > > BLAKE2 does not require > a special "HMAC" (Hashed Message Authentication Code) construction > for keyed message authentication as it has a built-in keying > mechanism. > > but it does not appear to clearly define the HMAC construction. Section 3.3 simply says: If a secret key is used (kk > 0), it is padded with zero bytes and set as d[0]. Otherwise, d[0] is the first data block. The final data block d[dd-1] is also padded with zero to "bb" bytes (16 words). -Toke
- [babel] rather than ripemd160... Dave Taht
- Re: [babel] rather than ripemd160... Juliusz Chroboczek
- Re: [babel] [Babel-users] rather than ripemd160... Toke Høiland-Jørgensen
- [babel] HMAC and MTI [was: rather than ripemd160.… Juliusz Chroboczek
- Re: [babel] [Babel-users] rather than ripemd160... Dave Taht
- Re: [babel] [Babel-users] rather than ripemd160... Toke Høiland-Jørgensen
- Re: [babel] HMAC and MTI [was: rather than ripemd… Markus Stenberg
- Re: [babel] HMAC and MTI [was: rather than ripemd… Toke Høiland-Jørgensen
- [babel] HMAC Key rotation key format (was ripemd) Dave Taht
- Re: [babel] HMAC and MTI [was: rather than ripemd… Juliusz Chroboczek
- Re: [babel] HMAC Key rotation key format (was rip… Mahesh Jethanandani
- Re: [babel] [Babel-users] rather than ripemd160... STARK, BARBARA H
- Re: [babel] [Babel-users] rather than ripemd160... Toke Høiland-Jørgensen
- Re: [babel] HMAC Key rotation key format (was rip… Toke Høiland-Jørgensen
- Re: [babel] HMAC Key rotation key format (was rip… Dave Taht
- Re: [babel] HMAC Key rotation key format (was rip… Toke Høiland-Jørgensen
- Re: [babel] [Babel-users] rather than ripemd160... David Schinazi
- Re: [babel] [Babel-users] HMAC Key rotation key f… David Schinazi
- Re: [babel] [Babel-users] rather than ripemd160... Dave Taht
- Re: [babel] [Babel-users] rather than ripemd160... Toke Høiland-Jørgensen
- Re: [babel] [Babel-users] rather than ripemd160... Toke Høiland-Jørgensen
- Re: [babel] [Babel-users] rather than ripemd160... Juliusz Chroboczek
- Re: [babel] [Babel-users] rather than ripemd160... Dave Taht
- Re: [babel] [Babel-users] rather than ripemd160... David Schinazi
- Re: [babel] [Babel-users] rather than ripemd160... Toke Høiland-Jørgensen
- [babel] DTLS and hmac co-existence Dave Taht
- Re: [babel] [Babel-users] DTLS and hmac co-existe… David Schinazi
- Re: [babel] [Babel-users] rather than ripemd160... Dave Taht
- Re: [babel] [Babel-users] HMAC Key rotation key f… Dave Taht
- Re: [babel] [Babel-users] rather than ripemd160... Dave Taht
- Re: [babel] [Babel-users] DTLS and hmac co-existe… Dave Taht
- Re: [babel] [Babel-users] HMAC Key rotation key f… Ted Lemon
- Re: [babel] [Babel-users] rather than ripemd160... Markus Stenberg
- Re: [babel] [Babel-users] rather than ripemd160... Toke Høiland-Jørgensen
- [babel] Blake2S, blake2B or neither? [was: rather… Juliusz Chroboczek
- Re: [babel] Blake2S, blake2B or neither? [was: ra… Toke Høiland-Jørgensen
- Re: [babel] Blake2S, blake2B or neither? [was: ra… Markus Stenberg
- Re: [babel] Blake2S, blake2B or neither? [was: ra… Juliusz Chroboczek
- Re: [babel] Blake2S, blake2B or neither? [was: ra… Toke Høiland-Jørgensen
- Re: [babel] Blake2S, blake2B or neither? [was: ra… Juliusz Chroboczek
- Re: [babel] [Babel-users] Blake2S, blake2B or nei… Dave Taht
- Re: [babel] [Babel-users] HMAC Key rotation key f… Juliusz Chroboczek
- Re: [babel] HMAC Key rotation key format (was rip… Juliusz Chroboczek
- Re: [babel] HMAC Key rotation key format (was rip… Dave Taht
- Re: [babel] HMAC Key rotation key format (was rip… Markus Stenberg