OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

office message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Fwd: Re: Fwd: Re: [office] Fwd: OASIS and encryption

----------  Forwarded Message  ----------

Subject: Re: Fwd: Re: [office] Fwd: OASIS and encryption
Date: Tuesday 07 September 2004 21:53
From: Brad Hards <bradh@frogmouth.net>
To: David Faure <faure@kde.org>

[For onforwarding]

On Tue, 31 Aug 2004 11:23 am, David Faure wrote:
> The PBKDF2 pseudo-random function is indeed HMAC-SHA-1, as defined in
> the PKCS#5 v2.0 document in appendices A.2 and B.1.1:
Thanks. That, with the test vector, confirmed that I'm on the right track.

> PKCS#5 only mentions a single implementation, in Appendix A.2 "...shall
> consist of HMAC-SHA-1...", and in Appendix B.1.1 explains that
> algorithm, only. This means that there would be some freedom for
> diverting implementations (because of the term SHALL), but the OOo
> people never heard of one not using HMAC-SHA-1.
I've seen it described with SHA-256 (in MSDN magazine, July 2004). Section 5 
of PKCS#5 (RFC2898) suggests that any PRF can be used - Appendix B.1 is an 

> If it helps, we of course might add a sentence to chapter 16.3
> clarifying that actually HMAC-SHA-1 is used within PBKDF2.
Probably a good idea.



David Faure, faure@kde.org, sponsored by Trolltech to work on KDE,
Konqueror (http://www.konqueror.org), and KOffice (http://www.koffice.org).

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]