Re: [Hash] Charter discussion, round 1

Russ Housley <housley@vigilsec.com> Thu, 16 June 2005 14:52 UTC

Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DivjI-0007xo-8o; Thu, 16 Jun 2005 10:52:28 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DivjH-0007xj-B4 for hash@megatron.ietf.org; Thu, 16 Jun 2005 10:52:27 -0400
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA28092 for <hash@ietf.org>; Thu, 16 Jun 2005 10:52:21 -0400 (EDT)
Received: from woodstock.binhost.com ([144.202.243.4]) by ietf-mx.ietf.org with smtp (Exim 4.33) id 1Diw6B-0004iX-8q for hash@ietf.org; Thu, 16 Jun 2005 11:16:08 -0400
Received: (qmail 5449 invoked by uid 0); 16 Jun 2005 14:51:00 -0000
Received: from unknown (HELO Russ-Laptop.vigilsec.com) (138.88.7.87) by woodstock.binhost.com with SMTP; 16 Jun 2005 14:51:00 -0000
Message-Id: <6.2.1.2.2.20050616104551.064bca50@mail.binhost.com>
X-Mailer: QUALCOMM Windows Eudora Version 6.2.1.2
Date: Thu, 16 Jun 2005 10:50:51 -0400
To: Thomas Roessler <tlr@w3.org>
From: Russ Housley <housley@vigilsec.com>
Subject: Re: [Hash] Charter discussion, round 1
In-Reply-To: <20050616081143.GC32581@raktajino.does-not-exist.org>
References: <6.2.1.2.2.20050609152413.078e8ac0@mail.binhost.com> <p06210245bece4ebbbea1@[10.20.30.249]> <20050616081143.GC32581@raktajino.does-not-exist.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
X-Spam-Score: 0.2 (/)
X-Scan-Signature: 21c69d3cfc2dd19218717dbe1d974352
Cc: w3t-archive@w3.org, hash@ietf.org
X-BeenThere: hash@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: hash.lists.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/hash>, <mailto:hash-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/hash>
List-Post: <mailto:hash@lists.ietf.org>
List-Help: <mailto:hash-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/hash>, <mailto:hash-request@lists.ietf.org?subject=subscribe>
Sender: hash-bounces@lists.ietf.org
Errors-To: hash-bounces@lists.ietf.org

Thomas:

This text is intended to man that the salt is transferred along with the 
algorithm identifier some how.

Using the 1988 ASN.1 syntax, an algorithm identifier is defined as:

    AlgorithmIdentifier  ::=  SEQUENCE  {
         algorithm               OBJECT IDENTIFIER,
         parameters              ANY DEFINED BY algorithm OPTIONAL  }

In this structure, a new value would be assigned to identify the "SHA-1 
with a salt" hash function, and the parameters field would carry the salt 
value.

Russ


At 04:11 AM 6/16/2005, Thomas Roessler wrote:
>Hello,
>
>a quick question for clarification...
>
>On 2005-06-09 13:02:47 -0700, Paul Hoffman wrote:
>
> >   2) Including a random value in the hash function computation. The
> >      random block used is transferred as a parameter in the algorithm
> >      identifier.  This approach is sometimes called a "salted" or
> >      "randomized" hash function.
>
>Is this meant to imply an approach where hash identifiers would look
>like, say, "shaN-0xdeadbeef", 0xdeadbeef being the salt?  Or is it
>merely meant to imply that the seed would be transferred along with
>the algorithm identifier, somehow?
>
>My concern with the first interpretation would be that it mixes
>badly with XML Signature, where algorithm identifiers are URIs
>(hence opaque), but where other mechanisms for passing parameters
>are readily available.
>
>Thanks,
>--
>Thomas Roessler, W3C   <tlr@w3.org>;


_______________________________________________
Hash mailing list
Hash@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/hash