[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [GNU Crypto] Small problem with HMac
From: |
Raif S. Naffah |
Subject: |
Re: [GNU Crypto] Small problem with HMac |
Date: |
Fri, 10 Jan 2003 19:37:14 +1100 |
User-agent: |
KMail/1.4.3 |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160
hello Casey,
On Friday 10 January 2003 18:29, Casey Marshall wrote:
> Raif S. Naffah wrote:
> | On Thursday 09 January 2003 23:22, Casey Marshall wrote:
> |>...
> Going through the test case attached, I also noticed that HMac also
> doesn't handle keys larger than the block size properly...
this is because section 3 in rfc-2104 reads:
"
3. Keys
The key for HMAC can be of any length (keys longer than B bytes are
first hashed using H). However, less than L bytes is strongly
discouraged as it would decrease the security strength of the
function. Keys longer than L bytes are acceptable but the extra
length would not significantly increase the function strength. (A
longer key may be advisable if the randomness of the key is
considered weak.)
"
i'd rather err on the side of caution. dont you agree?
cheers;
rsn
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Que du magnifique
iD8DBQE+HoY7+e1AKnsTRiERA2VZAKDPUBXcWQ2BA40gehCKrQOLgLh+2ACgzTj/
BQnCXCiCnicfkcCwASF/iYU=
=JbhA
-----END PGP SIGNATURE-----