[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: I-D ACTION:draft-ietf-ipsec-ciph-sha-256-00.txt



> 	Title		: The HMAC-SHA-256-96 Algorithm and Its Use With IPsec
> 	Author(s)	: S. Frankel, S. Kelly
> 	Filename	: draft-ietf-ipsec-ciph-sha-256-00.txt
> 	Pages		: 8
> 	Date		: 16-Nov-01

the section 5 in RFC2104 says,

   We recommend that
   the output length t be not less than half the length of the hash
   output (to match the birthday attack bound) and not less than 80 bits
   (a suitable lower bound on the number of bits that need to be
   predicted by an attacker).

is that ok to truncate into 96bit ?


Follow-Ups: