[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Groups - 11-07-11-proposal00090 uploaded
Document Name: 11-07-11-proposal00090 Description HTML Format Version: v1.05 of a proposal to add two protection-key-digest-algorithm methods, including a replaement for the pre-1.3 default case. AUTHZ160 does not depend on a hashing algorithm to match is value in order to authenticate removal of a protection. SHA1DK is password based but it uses salt values and iterated hashing to make it far more costly to attempt to discover the password used by repeated trials. Passwords that are used should still be considered compromisable simply because the protection key, even though 320 bits, is still available in plain sight and subject to off-line attacks. 1. Rationale 1.1 Vulnerability of Password Hash Values 1.2 SHA1DK for Password-Based Protection-Key Values 1.3 AUTHZ160 for Password-Less Protection-Key Values 2. Proposed Changes 3. Deployment Considerations 3.1 Down-Level Considerations 3.2 Immediate Usabilty of AUTHZ160 for Default Protection Keys 3.3 Confirmation of Resilient Down-Level Treatment 3.4 Future-Proofing of Extended ODF 1.2 Consumers and Producers B. Proposed Changes 1. Front Page 2. Section 19.697 table:protection-key 3. Section 19.698 table:protection-key-digest-algorithm 4. Section 19.850 text:protection-key 5. Section 19.851 text:protection-key-digest-algorithm C. Deployment Considerations Download Latest Revision Public Download Link Submitter: Mr. Dennis Hamilton Group: OASIS Open Document Format for Office Applications (OpenDocument) TC Folder: Proposals Date submitted: 2012-06-11 22:17:26 Revision: 5 |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]