[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: test vectors for HMAC-SHA-1 - Test Data and Bad News
Excuse me but in fairness I would like to point out that I believe Cylink
has been made aware of this issue -- I for one don't want to grumble, I
want to interoperate...
If anyone from Cylink sees this and doesn't think they have been contacted,
consider yourself pinged...
>X-Sender: mike.sabin@postoffice.worldnet.att.net
>To: Edward Russell <erussell@ftp.com>, "'ipsec@tis.com'" <ipsec@tis.com>
>From: Michael Sabin <mike.sabin@worldnet.att.net>
>Subject: RE: test vectors for HMAC-SHA-1 - Test Data and Bad News
>Date: Thu, 6 Feb 1997 18:26:36 +0000
>Sender: owner-ipsec@ex.tis.com
>
>At 05:33 PM 2/6/97 +0000, Edward Russell wrote:
>>
>>At 04:27 PM 2/3/97 +0100, Niels Ferguson wrote:
>>>I have implemented HMAC using SHA-1 as hash function. I have found test
>>>vectors for HMAC based on MD5, but not for SHA-1. Does anybody have test
>>>vectors? If not, I would be happy to help create them.
>>>
>>
>>At the interoperability event in Dallas, it appears that
>>the BSAFE SHA is incompatible with the CYLINK SHA.
>>
>>In addition it appears that
>>BSAFE Diffie-Hellman is incompatible with the CYLINK Diffie-Hellman
>>
>>We compiled our (FTP Software) implementation of ISAKMP with either
>>BSAFE or CYLINK libraries and tested against different vendors and
>>got compatiblity or incompatibility based on which library we compiled
>>with.
>>
>>That being said, I wrote a test program for both SHA and HMAC SHA
>>and compiled it with CYLINK and then with BSAFE. The results are
>>posted below.
>>
>>HMAC KEY =
>>0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
>0x0b, 0x0b, 0x0b, 0x0b
>>
>>HMAC KEY LENGTH = 16
>>DATA "Hi There"
>>DATA LENGTH = 8
>>
>>DIGESTs:
>>
>>BSAFE HMAC SHA:
>>67 5B 0B 3A 1B 4D DF 4E 12 48 72 DA 6C 2F 63 2B FE D9 57 E9
>>
>>CYLINK HMAC SHA:
>>BC F6 85 57 4C B8 AA B1 B6 42 CE CB F3 89 A0 79 F6 48 84 F3
>>
>>
>>BSAFE SHA:
>>4B 3A ED 5F 9F E4 01 59 B4 99 53 6F B8 A1 0C DF 3B C6 2B 4C
>>
>>CYLINK SHA:
>>4C 2B C6 3B DF 0C A1 B8 6F 53 99 B4 59 01 E4 9F 5F ED 3A 4B
>
>I ran this data through my own implementation of SHA and SHA-HMAC, based on
>my own interpretation of the standards. Here are my results:
>
>SHA
>4b 3a ed 5f 9f e4 01 59 b4 99 53 6f b8 a1 0c df 3b c6 2b 4c
>
>HMAC-SHA
>67 5b 0b 3a 1b 4d df 4e 12 48 72 da 6c 2f 63 2b fe d9 57 e9
>
>My results agree with the BSAFE results. I have also tested my SHA
>implementation against the AH-SHA implementation in the NRL IPSEC code and
>gotten agreement.
>
>mike
>
>
>
Rodney Thayer <rodney@sabletech.com> +1 617 332 7292
Sable Technology Corp, 246 Walnut St., Newton MA 02160 USA
Fax: +1 617 332 7970 http://www.shore.net/~sable
"Developers of communications software"