Re: [TLS] Truncated HMAC recommendation

Mike <mike-list@pobox.com> Mon, 27 November 2006 19:11 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1GoltX-00014N-9z; Mon, 27 Nov 2006 14:11:59 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GoltV-00014C-SN for tls@ietf.org; Mon, 27 Nov 2006 14:11:57 -0500
Received: from rune.pobox.com ([208.210.124.79]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GoltT-00043n-M6 for tls@ietf.org; Mon, 27 Nov 2006 14:11:57 -0500
Received: from rune (localhost [127.0.0.1]) by rune.pobox.com (Postfix) with ESMTP id 649FA97732 for <tls@ietf.org>; Mon, 27 Nov 2006 14:12:17 -0500 (EST)
Received: from [192.168.1.8] (wsip-24-234-114-35.lv.lv.cox.net [24.234.114.35]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by rune.sasl.smtp.pobox.com (Postfix) with ESMTP id 9F99D9772F for <tls@ietf.org>; Mon, 27 Nov 2006 14:12:16 -0500 (EST)
Message-ID: <456B38EC.3030409@pobox.com>
Date: Mon, 27 Nov 2006 11:13:48 -0800
From: Mike <mike-list@pobox.com>
User-Agent: Thunderbird 1.5.0.8 (Windows/20061025)
MIME-Version: 1.0
To: tls@ietf.org
Subject: Re: [TLS] Truncated HMAC recommendation
References: <279DDDAFA85EC74C9300A0598E704056FE7433@hdsmsx412.amr.corp.intel.com>
In-Reply-To: <279DDDAFA85EC74C9300A0598E704056FE7433@hdsmsx412.amr.corp.intel.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 7bac9cb154eb5790ae3b2913587a40de
Cc:
X-BeenThere: tls@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/tls>
List-Post: <mailto:tls@lists.ietf.org>
List-Help: <mailto:tls-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
Errors-To: tls-bounces@lists.ietf.org

> MAC truncation is not done to save bytes over the wire.

The spec says that "it may be desirable in constrained
environments to save bandwidth by truncating the output
of the hash function to 80 bits when forming MAC tags."

If that weren't the case, why would you want to truncate
the MAC?

Mike

_______________________________________________
TLS mailing list
TLS@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls