- From: <bugzilla@jessica.w3.org>
- Date: Thu, 02 Oct 2014 04:14:15 +0000
- To: public-webcrypto@w3.org
https://www.w3.org/Bugs/Public/show_bug.cgi?id=26950

            Bug ID: 26950
           Summary: Default HMAC keys should be output length, not block length
           Product: Web Cryptography
           Version: unspecified
          Hardware: PC
                OS: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Web Cryptography API Document
          Assignee: sleevi@google.com
          Reporter: rlb@ipv.sx
                CC: public-webcrypto@w3.org

Currently the HMAC Operations section for generateKey requires the default key
length to be equal to the block size of the underlying hash algorithm.

https://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html#hmac-operations

RFC 2104, which defines HMAC, says that there's no point to having keys longer
than the *output* length of the hash (L):

"""
Keys longer than L bytes are acceptable but the extra length would not
significantly increase the function strength.
"""
http://tools.ietf.org/html/rfc2104#section-3

The block length is typically much larger than the output length. In the case
of SHA-256, for example, the block length is 512 bits. In order to avoid
wasting bytes, the default key length for WebCrypto should be the output length
of the hash.

--
You are receiving this mail because:
You are on the CC list for the bug.
Received on Thursday, 2 October 2014 04:14:17 UTC
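
An added example, not part of the bug report or the specification: it generates HMAC keys through WebCrypto with and without an explicit `length`, so the block-size default described in the report can be compared with a key sized to the hash output. The helper names (`generateHmacKey`, `rawKeyBytes`, `compareKeyLengths`, `OUTPUT_BITS`) and the sample message are assumptions made for this illustration.

```javascript
// Added illustration; helper names below are hypothetical, not from the spec.
// Uses the global WebCrypto object (browsers, recent Node) or node:crypto.
const subtle = globalThis.crypto
  ? globalThis.crypto.subtle
  : require('node:crypto').webcrypto.subtle;

// Output length L of each hash, in bits (RFC 2104 states L in bytes).
const OUTPUT_BITS = { 'SHA-1': 160, 'SHA-256': 256, 'SHA-384': 384, 'SHA-512': 512 };

// Generate an extractable HMAC key; omit lengthBits to get the default length.
async function generateHmacKey(hash, lengthBits) {
  const algorithm = { name: 'HMAC', hash };
  if (lengthBits !== undefined) algorithm.length = lengthBits;
  return subtle.generateKey(algorithm, true, ['sign', 'verify']);
}

// Size in bytes of the raw key material behind a CryptoKey.
async function rawKeyBytes(key) {
  return (await subtle.exportKey('raw', key)).byteLength;
}

// For one hash: default key size, output-length key size, and a check that
// the shorter key still yields a full-length tag that verifies.
async function compareKeyLengths(hash) {
  const defaultKey = await generateHmacKey(hash);
  const outputKey = await generateHmacKey(hash, OUTPUT_BITS[hash]);
  const message = new TextEncoder().encode('constructed sample message');
  const tag = await subtle.sign('HMAC', outputKey, message);
  return {
    hash,
    defaultKeyBytes: await rawKeyBytes(defaultKey),
    outputLengthKeyBytes: await rawKeyBytes(outputKey),
    tagBytes: tag.byteLength,
    verifies: await subtle.verify('HMAC', outputKey, tag, message),
  };
}

// Run the comparison for every hash in OUTPUT_BITS.
async function main() {
  const rows = [];
  for (const hash of Object.keys(OUTPUT_BITS)) rows.push(await compareKeyLengths(hash));
  return rows;
}

main().then((rows) => console.table(rows));
```

Passing `length` explicitly is how a caller gets an output-length key while the default remains the block size.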