OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

pkcs11 message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [pkcs11] Groups - HMAC-SHA-2 Pseudorandom Functions for PBKDF2 uploaded

On Fri, Feb 7, 2014 at 7:55 AM, Darren J Moffat
<Darren.Moffat@oracle.com> wrote:
> I was tempted to ask for the addition of HMAC-SHA512/t variants of the;
> since SHA512/t where t is 256 is often faster to calculate on 64bit
> processors[1] than SHA256.  However in this particular case I think the
> proposal is fine as it is.
> [1] that don't have a native SHA256 instruction like SPARC T4 onwards has
> and Intel is reported to be getting in a future release.

Hi Darren,

Thank you for your comment. For PBKDF2, the lack of a HMAC-SHA-256 PRF
identifier in PKCS #11 is a glaring hole. Anything else is mostly for
completeness. I added the ones listed in PKCS #5 v2.1 as examples. If
you send me suggested text for HMAC-SHA512/t PRF identifiers, I can
incorporate them. In particular, do you want HMAC_SHA512_224 and
HMAC_SHA512_256 separately, or a single HMAC_SHA512_T with a

Note: the draft I uploaded yesterday has a typo in the value for
CKP_PKCS5_PBKD2_HMAC_SHA512. I will upload a new draft to correct the

Wan-Teh Chang

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]