W3C home > Mailing lists > Public > public-xmlsec@w3.org > October 2011

RE: In XML encryption 1.1, the PBKDF2-params/KeyLength is superfluous

From: Magnus Nystrom <mnystrom@microsoft.com>
Date: Mon, 17 Oct 2011 15:56:41 +0000
To: "XMLSec WG Public List (public-xmlsec@w3.org)" <public-xmlsec@w3.org>
Message-ID: <D744D68428430B4F9C81DE8A4D5950681219AFC2@TK5EX14MBXW602.wingroup.windeploy.ntdev.microsoft.com>
Pratik wrote:

> Can we remove the  KeyLength parameter in  PBKDF2 ?
> In the other two key derivation functions - ConcatKDF and LegacyKeyDerivation, the length of the key to be derived is not specified ,
> rather it needs to be inferred from the context.  We should have PBKDF2  also behave similarly.  

I don't see how one could do this as the KeyLength is an integral part of the PBKDF2 algorithm. For example, it is used to determine how many blocks of hash output that is required. I'd recommend not trying to change this at this point.

-- Magnus
Received on Monday, 17 October 2011 15:57:20 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 17 October 2011 15:57:21 GMT