

Subject: Re: [pkcs11] Proposal: CKM_SHA512_224, CKM_SHA512_256, CKM_SHA512_T




On 08/06/13 16:26, Andrey Jivsov wrote:


> Even PKCS#11 uses trunc( SHA-1(text), 3 bytes) in a couple places.
> There may even be a use for SHA-512/24 -- but it's not part of the
> proposal either.
>
> ... yet let me observe that SHA-1/24 would be equivalent here to
> SHA-512/24 (clearly, a non-signature use). If one insists on
> all-SHA-512, it's an edge case, but it has a neat solution: let the
> caller truncate the hash.


Do you mean "trunc(SHA-1(x), 24 bits)" is equivalent to "SHA-512/24(x)",
or is equivalent to "trunc(SHA-512(x), 24 bits)"?  Which did you mean?

To clarify, when I say "SHA-512/24", I mean SHA-512/t, t=24.  I do not
mean trunc(SHA-512(x), 24).  Unless I missed something, there is no such
"SHA-1/24".  I wish to request that when talking about straight, unadorned
truncation, trunc(x, len) be used instead.  Affixing the "/<whatever>"
notation to mean plain truncation of other hashes will only further the
initial confusion that "SHA-512/t" meant *simply* truncating to t bits,
and it does NOT.

D.

