Re: I-D ACTION:draft-ietf-ipsec-ciph-sha-256-00.txt
Paul Koning <pkoning@equallogic.com> Wed, 12 December 2001 21:08 UTC
Received: from lists.tislabs.com (portal.gw.tislabs.com [192.94.214.101]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fBCL8U205012; Wed, 12 Dec 2001 13:08:31 -0800 (PST)
Received: by lists.tislabs.com (8.9.1/8.9.1) id PAA20113 Wed, 12 Dec 2001 15:23:14 -0500 (EST)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-ID: <15383.48863.893728.721499@pkoning.dev.equallogic.com>
Date: Wed, 12 Dec 2001 15:32:31 -0500
From: Paul Koning <pkoning@equallogic.com>
To: ipsec@lists.tislabs.com
Subject: Re: I-D ACTION:draft-ietf-ipsec-ciph-sha-256-00.txt
References: <200111191329.IAA26802@ietf.org> <20011213033745S.sakane@kame.net>
X-Mailer: VM 6.75 under 21.1 (patch 11) "Carlsbad Caverns" XEmacs Lucid
Sender: owner-ipsec@lists.tislabs.com
Precedence: bulk
>>>>> "Shoichi" == Shoichi Sakane <sakane@kame.net> writes: >> Title : The HMAC-SHA-256-96 Algorithm and Its Use With IPsec >> Author(s) : S. Frankel, S. Kelly Filename : >> draft-ietf-ipsec-ciph-sha-256-00.txt Pages : 8 Date : 16-Nov-01 Shoichi> the section 5 in RFC2104 says, > We recommend that the output length t be not less than half > the length of the hash output (to match the birthday attack > bound) and not less than 80 bits (a suitable lower bound on > the number of bits that need to be predicted by an > attacker). Shoichi> is that ok to truncate into 96bit ? Applying the text from 2104 says "no" and the length should instead be 128 or more. Which makes me wonder: why was 96 chosen for the original 2 HMACs and not 80? 80 would be the minimum value that satisfies the guideline from RFC 2104. Should therefore the SHA-2 based HMAC use a length greater than 128 bits? paul
- I-D ACTION:draft-ietf-ipsec-ciph-sha-256-00.txt Internet-Drafts
- Re: I-D ACTION:draft-ietf-ipsec-ciph-sha-256-00.t… Hugo Krawczyk
- Re: I-D ACTION:draft-ietf-ipsec-ciph-sha-256-00.t… Shoichi Sakane
- Re: I-D ACTION:draft-ietf-ipsec-ciph-sha-256-00.t… Paul Koning
- Re: I-D ACTION:draft-ietf-ipsec-ciph-sha-256-00.t… Bart Preneel
- Re: I-D ACTION:draft-ietf-ipsec-ciph-sha-256-00.t… Steven M. Bellovin
- Re: I-D ACTION:draft-ietf-ipsec-ciph-sha-256-00.t… Bart Preneel