RE: Bug 24806 - Should the spec mandate a minimum key length for HMAC? from Ryan Sleevi on 2014-02-28 (public-webcrypto@w3.org from February 2014)

From: Ryan Sleevi <sleevi@google.com>
Date: Fri, 28 Feb 2014 09:24:11 -0800
To: Jim Schaad <ietf@augustcellars.com>
Cc: Mark Watson <watsonm@netflix.com>, public-webcrypto@w3.org
Message-ID: <CACvaWvbP=_k6+_cuYekicxA+zCayrvOjdg6uwj84rFTqgNet_A@mail.gmail.com>

That length is unnecessarily restrictive for SHA2+, which is why NIST no
longer recommends that as the calculus.

Zero length keys are well defined. Are you suggesting prohibiting them from
import as well as generate?
On Feb 28, 2014 9:14 AM, "Jim Schaad" <ietf@augustcellars.com> wrote:

> I don’t think that I care one way or the other.  As an arbitrary lower
> bound I suppose it is fine.  I would also be just as happy with key length
> being a minimum of 1/2 of the hash output length.
>
>
>
> Jim
>
>
>
>
>
> *From:* Mark Watson [mailto:watsonm@netflix.com]
> *Sent:* Friday, February 28, 2014 8:29 AM
> *To:* public-webcrypto@w3.org
> *Subject:* Bug 24806 - Should the spec mandate a minimum key length for
> HMAC?
>
>
>
> https://www.w3.org/Bugs/Public/show_bug.cgi?id=24806
>
>
>
> My proposal is to dis-allow zero length keys for HMAC. Comments ?
>
>
>
> ...Mark
>

Received on Friday, 28 February 2014 17:24:40 UTC