[Ndn-interest] Adding HMAC to available NDN signature types
Tai-Lin Chu
tailinchu at gmail.com
Fri Sep 19 22:09:13 PDT 2014
just some hmac facts:
1. if key is longer than block size, key = hash(key)
2. if key is shorter than block size, key = key pad with zeros
It might be better if the doc simply says that "standard hmac with
sha256 hash is used". hmac has so many details, and we should not
redocument them again.
On Fri, Sep 19, 2014 at 9:45 PM, Yingdi Yu <yingdi at cs.ucla.edu> wrote:
> Hi Adeola,
>
> It is great that we have a proposal for HMAC, a few comments about the doc.
>
> 1. I think you should mentioned in the spec that how to handle keys that are
> longer than the hash output.
> 2. we should either disable keys that are shorter than hash output or still
> state how to generate HMAC when a key is short. Just "discourage" is not
> enough.
>
> Yingdi
>
> On Sep 19, 2014, at 11:12 AM, Adeola Bannis <thecodemaiden at gmail.com> wrote:
>
> Hello all,
>
> I am proposing to add an HMAC type, using SHA256 as the hash function, to
> the signature types defined at
> http://named-data.net/doc/NDN-TLV/current/signature.html. This will enable
> communication with symmetric keys, which reduces the signing and
> verification load on resource-constrained devices.
>
> The proposal is attached. Please review it and reply with any comments or
> suggestions.
>
> Thanks,
> Adeola
> <TLV_spec_HMAC_SHA256.docx>_______________________________________________
> Ndn-interest mailing list
> Ndn-interest at lists.cs.ucla.edu
> http://www.lists.cs.ucla.edu/mailman/listinfo/ndn-interest
>
>
>
>
>
>
> _______________________________________________
> Ndn-interest mailing list
> Ndn-interest at lists.cs.ucla.edu
> http://www.lists.cs.ucla.edu/mailman/listinfo/ndn-interest
>
More information about the Ndn-interest
mailing list