W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > January to March 2002

Salt and Iteration for HMAC (http://www.w3.org/2000/09/xmldsig#hmac-sha1)

From: Steve Wang <steve.wang@entegrity.com>
Date: Tue, 5 Mar 2002 11:18:47 -0500 (EST)
Message-ID: <00d501c1c461$77684b00$65030a0a@chromatix.com>
To: <w3c-ietf-xmldsig@w3.org>
Hi, all,

We have an XML application case for password-based HMAC
(http://www.w3.org/2000/09/xmldsig#hmac-sha1)
We need to compute a secret key from a password, salt and iteration count
first (for dictionary attack) and then feed this secret key to the
HMAC defined in XML DSIG.

The question is where we will store this salt and iteration count. It makes
more
sense for me to store them within the signature node but I did not find
any proper place in XML DSIG Signature node. Does XML DSIG not
support this? If so, we may have to store them within application entities.

Thank you.

Steve
Received on Tuesday, 5 March 2002 12:49:17 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:14 GMT