gnu-crypto-discuss
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [GNU Crypto] Small problem with HMac

From: Raif S. Naffah
Subject: Re: [GNU Crypto] Small problem with HMac
Date: Fri, 10 Jan 2003 19:37:14 +1100
User-agent: KMail/1.4.3 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

hello Casey,

On Friday 10 January 2003 18:29, Casey Marshall wrote:
> Raif S. Naffah wrote:
> | On Thursday 09 January 2003 23:22, Casey Marshall wrote:
> |>...
> Going through the test case attached, I also noticed that HMac also
> doesn't handle keys larger than the block size properly...

this is because section 3 in rfc-2104 reads:

"
3. Keys

   The key for HMAC can be of any length (keys longer than B bytes are
   first hashed using H).  However, less than L bytes is strongly
   discouraged as it would decrease the security strength of the
   function.  Keys longer than L bytes are acceptable but the extra
   length would not significantly increase the function strength. (A
   longer key may be advisable if the randomness of the key is
   considered weak.)
"

i'd rather err on the side of caution.  dont you agree?


cheers;
rsn
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Que du magnifique

iD8DBQE+HoY7+e1AKnsTRiERA2VZAKDPUBXcWQ2BA40gehCKrQOLgLh+2ACgzTj/
BQnCXCiCnicfkcCwASF/iYU=
=JbhA
-----END PGP SIGNATURE-----
reply via email to
[Prev in Thread] Current Thread [Next in Thread]