[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Fwd: Re: Fwd: Re: [office] Fwd: OASIS and encryption
---------- Forwarded Message ---------- Subject: Re: Fwd: Re: [office] Fwd: OASIS and encryption Date: Tuesday 07 September 2004 21:53 From: Brad Hards <bradh@frogmouth.net> To: David Faure <faure@kde.org> [For onforwarding] On Tue, 31 Aug 2004 11:23 am, David Faure wrote: > The PBKDF2 pseudo-random function is indeed HMAC-SHA-1, as defined in > the PKCS#5 v2.0 document in appendices A.2 and B.1.1: Thanks. That, with the test vector, confirmed that I'm on the right track. > PKCS#5 only mentions a single implementation, in Appendix A.2 "...shall > consist of HMAC-SHA-1...", and in Appendix B.1.1 explains that > algorithm, only. This means that there would be some freedom for > diverting implementations (because of the term SHALL), but the OOo > people never heard of one not using HMAC-SHA-1. I've seen it described with SHA-256 (in MSDN magazine, July 2004). Section 5 of PKCS#5 (RFC2898) suggests that any PRF can be used - Appendix B.1 is an example. > If it helps, we of course might add a sentence to chapter 16.3 > clarifying that actually HMAC-SHA-1 is used within PBKDF2. Probably a good idea. Brad ------------------------------------------------------- -- David Faure, faure@kde.org, sponsored by Trolltech to work on KDE, Konqueror (http://www.konqueror.org), and KOffice (http://www.koffice.org).
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]