Re: [Hash] Charter discussion, round 1

Eric Rescorla <ekr@networkresonance.com> Tue, 28 June 2005 16:35 UTC

To: Paul Hoffman <paul.hoffman@vpnc.org>
Subject: Re: [Hash] Charter discussion, round 1
In-reply-to: Your message of "Tue, 28 Jun 2005 08:31:58 PDT." <p06230977bee71c108c83@[10.20.30.249]>
X-Mailer: MH-E 7.4.3; nmh 1.0.4; XEmacs 21.4 (patch 15)
Date: Tue, 28 Jun 2005 09:35:21 -0700
From: Eric Rescorla <ekr@networkresonance.com>
Message-Id: <20050628164157.77DF08A02D@laser.networkresonance.com>
Cc: hash@ietf.org, w3t-archive@w3.org

Paul Hoffman <paul.hoffman@vpnc.org> wrote:
> At 1:01 PM +0100 6/27/05, Ben Laurie wrote:
> >Russ Housley wrote:
> >> Perhaps "as a parameter to the algorithm identifier" captures the
> >> intent even better.  It would read:
> >>
> >>   2) Including a random value in the hash function computation. The
> >>      random block used is transferred as a parameter to the algorithm
> >>      identifier.  This approach is sometimes called a "salted" or
> >>      "randomized" hash function.
> >
> > It strikes me as weird, describing it as a parameter to the
> > algorithm identifier - firstly, it seems this wording is derived
> > from where you want to fit it into ASN.1
> 
> ... and PGP and IKE and other protocols that have parameters for
> crypto functions.
> 
> > , and secondly, why constrain it in this way? A protocol could
> > easily transfer the random value somewhere other than in the
> > algorithm identification.
> 
> You may be right, but I'm not convinced about "easily".
> 
> Do you have different wording that would help, for example, TLS use
> these kinds of functions if we define them?

TLS probably doesn't need them. Digital signatures in TLS are over
jointly randomly generated values and not for non-repudiation purposes.

-Ekr
