Salt and Iteration for HMAC (http://www.w3.org/2000/09/xmldsig#hmac-sha1) from Steve Wang on 2002-03-05 (w3c-ietf-xmldsig@w3.org from January to March 2002)

From: Steve Wang <steve.wang@entegrity.com>
Date: Tue, 5 Mar 2002 11:18:47 -0500 (EST)
To: <w3c-ietf-xmldsig@w3.org>
Message-ID: <00d501c1c461$77684b00$65030a0a@chromatix.com>

Hi, all,

We have an XML application case for password-based HMAC
(http://www.w3.org/2000/09/xmldsig#hmac-sha1)
We need to compute a secret key from a password, salt and iteration count
first (for dictionary attack) and then feed this secret key to the
HMAC defined in XML DSIG.

The question is where we will store this salt and iteration count. It makes
more
sense for me to store them within the signature node but I did not find
any proper place in XML DSIG Signature node. Does XML DSIG not
support this? If so, we may have to store them within application entities.

Thank you.

Steve

Received on Tuesday, 5 March 2002 12:49:17 UTC