Re: Truncation (was Re: replay field size)
Several people have pointed out that the discussion was about truncating
the MAC value produced by HMAC, not truncating the hash value produced by
SHA-1.
Truncating the MAC value is, as far as I know, a very good idea.
It might be worth considering truncating the MAC to 96 bits, if this helps
reduce the total overhead. This would be big enough from a security point
of view. (See remark 4.8 in the HMAC paper "Keying Hash Functions for
Message Authentication" by Bellare, Canetti and Krawczyk, and the recently
re-posted remarks of Hugo.)
My apologies for the misunderstanding, I should have checked in the archive
what the discussion was about and not naively taken the messages at face
value.
Niels
--------------------------------------------------------------------------
Niels Ferguson, email: niels@DigiCash.com. (usual disclaimer applies)
...Of shoes, and ships, and sealing-wax, of cabbages, and kings,
And why the sea is boiling hot, and whether pigs have wings... [Carroll]
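
The distinction drawn in the message above, as an added example that is not part of the original post: the truncation is applied to the HMAC output, and the verifier must insist on the full 96-bit length. Keeping the leftmost 12 bytes is an assumption (the message does not say which bits to keep), and the key and message are constructed sample values.

```python
import hashlib
import hmac

TAG_LEN = 12  # 96 bits, the truncated MAC length suggested in the message


def hmac_sha1_96(key: bytes, msg: bytes) -> bytes:
    """Compute the full 160-bit HMAC-SHA-1, then keep 96 bits.

    Assumption: the leftmost 12 bytes are the ones kept.
    """
    full = hmac.new(key, msg, hashlib.sha1).digest()
    return full[:TAG_LEN]


def verify(key: bytes, msg: bytes, tag: bytes) -> bool:
    """Accept only a tag of exactly TAG_LEN bytes, compared in constant time.

    The length check matters: a verifier that compares only as many bytes
    as the sender supplied would let the sender choose the security level.
    """
    if len(tag) != TAG_LEN:
        return False
    return hmac.compare_digest(hmac_sha1_96(key, msg), tag)


def truncated_plain_hash(msg: bytes) -> bytes:
    """Truncated SHA-1 with no key: anyone can recompute it, so it is not a MAC."""
    return hashlib.sha1(msg).digest()[:TAG_LEN]


if __name__ == "__main__":
    key = bytes([0x0B]) * 20   # constructed sample key
    msg = b"Hi There"          # constructed sample message
    tag = hmac_sha1_96(key, msg)
    print("HMAC-SHA-1 truncated to 96 bits:", tag.hex())
    print("valid tag accepted:     ", verify(key, msg, tag))
    print("8-byte prefix accepted: ", verify(key, msg, tag[:8]))
    print("modified message:       ", verify(key, msg + b"!", tag))
    print("keyless truncated hash: ", verify(key, msg, truncated_plain_hash(msg)))
```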