< draft-eastlake-sha2b-04.txt   draft-eastlake-sha2b-05.txt >
Network Working Group Donald Eastlake 3rd Network Working Group Donald Eastlake 3rd
INTERNET-DRAFT Stellar Switches INTERNET-DRAFT Huawei
Obsoletes: 4634 Tony Hansen Obsoletes: 4634 Tony Hansen
Updates: 3174 AT&T Labs Updates: 3174 AT&T Labs
Intended Status: Informational Intended Status: Informational
Expires: March 21, 2011 September 22, 2010 Expires: June 19, 2011 December 20, 2010
US Secure Hash Algorithms US Secure Hash Algorithms
(SHA and SHA based HMAC and HKDF) (SHA and SHA based HMAC and HKDF)
<draft-eastlake-sha2b-04.txt> <draft-eastlake-sha2b-05.txt>
Abstract Abstract
This document replaces RFC 4634, fixing errata and adding code for an
HMAC-based extract-and-expand key derivation function.
The United States of America has adopted a suite of secure hash The United States of America has adopted a suite of secure hash
algorithms (SHAs), including four beyond SHA-1, as part of a Federal algorithms (SHAs), including four beyond SHA-1, as part of a Federal
Information Processing Standard (FIPS), specifically SHA-224, Information Processing Standard (FIPS), specifically SHA-224,
SHA-256, SHA-384, and SHA-512. This document makes open source code SHA-256, SHA-384, and SHA-512. This document makes open source code
performing the SHA hash functions conveniently available to the performing the SHA hash functions conveniently available to the
Internet community. The sample code supports input strings of Internet community. The sample code supports input strings of
arbitrary bit length. Much of the text herein was adapted by the arbitrary bit length. Much of the text herein was adapted by the
authors from FIPS 180-2. authors from FIPS 180-2.
As with RFC 4634, code to perform SHA based HMACs is included and, This document replaces RFC 4634, fixing errata and adding code for an
new in this version, code for HKDF (RFC 5869) is included. HMAC-based extract-and-expand key derivation function, HKDF (RFC
5869). As with RFC 4634, code to perform SHA based HMACs is also
included.
Status of This Memo Status of This Memo
This Internet-Draft is submitted to IETF in full conformance with the This Internet-Draft is submitted to IETF in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Distribution of this document is unlimited. Comments should be sent Distribution of this document is unlimited. Comments should be sent
to the authors. to the authors.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
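Review bot: The reworked Abstract names RFC 4634 as the document being replaced but does not mention RFC 3174, which the header lists under "Updates: 3174". Suggest adding a sentence to the Abstract saying that this document updates RFC 3174, so the Abstract and the header agree.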
skipping to change at page 2, line 52 skipping to change at page 2, line 52
8.5 The Test Driver.......................................88 8.5 The Test Driver.......................................88
9. IANA Considerations...................................119 9. IANA Considerations...................................119
10. Security Considerations..............................119 10. Security Considerations..............................119
11. Acknowledgements.....................................119 11. Acknowledgements.....................................119
12. References...........................................120 12. References...........................................120
12.1 Normative References................................120 12.1 Normative References................................120
12.2 Informative References..............................120 12.2 Informative References..............................120
Appendix: Changes from RFC 4634..........................121 Appendix: Changes from RFC 4634..........................121
Appendix Z: RFC Editor Note, Edit History................122
Appendix Z: Edit History.................................122
Z.1 Changes from -00 to -01..............................122
Z.2 Changes from -01 to -02..............................122
Z.3 Changes from -02 to -03..............................122
Z.4 Changes from -03 to -04..............................122
INTERNET-DRAFT SHAs, HMAC-SHAs, and HKDF INTERNET-DRAFT SHAs, HMAC-SHAs, and HKDF
1. Overview of Contents 1. Overview of Contents
This document obsoletes [RFC4634]; and the changes from that RFC are
summarized in the Appendix.
This document includes specifications for the United States of This document includes specifications for the United States of
America (USA) Federal Information Processing Standard (FIPS) Secure America (USA) Federal Information Processing Standard (FIPS) Secure
Hash Algorithms (SHAs), code to implement the SHAs, code to implement Hash Algorithms (SHAs), code to implement the SHAs, code to implement
HMACs based on the SHAs, and code to implement HKDF based on HMAC. HMACs based on the SHAs, and code to implement HKDF based on HMAC.
Specifications for HMAC and HKDF are not included as they appear Specifications for HMAC and HKDF are not included as they appear
elsewhere in the RFC series [RFC2104] [RFC5869]. elsewhere in the RFC series [RFC2104] [RFC5869].
NOTE: Much of the text below is taken from [SHS] and the assertions NOTE: Much of the text below is taken from [SHS] and the assertions
of the security of the hash algorithms described therein are made by of the security of the hash algorithms described therein are made by
the US Government, the author of [SHS], not by the authors of this the US Government, the author of [SHS], not by the authors of this
skipping to change at page 3, line 50 skipping to change at page 3, line 47
message in transit will, with very high probability, result in a message in transit will, with very high probability, result in a
different message digest. This will result in a verification failure different message digest. This will result in a verification failure
when the secure hash algorithm is used with a digital signature when the secure hash algorithm is used with a digital signature
algorithm or a keyed-hash message authentication algorithm. algorithm or a keyed-hash message authentication algorithm.
The code provided herein supports input strings of arbitrary bit The code provided herein supports input strings of arbitrary bit
length. SHA-1's sample code from [RFC3174] has also been updated to length. SHA-1's sample code from [RFC3174] has also been updated to
handle input strings of arbitrary bit length. Permission is granted handle input strings of arbitrary bit length. Permission is granted
for all uses, commercial and non-commercial, of this code. for all uses, commercial and non-commercial, of this code.
This document obsoletes [RFC4634]; and the changes from that RFC are
summarized in the Appendix.
ASN.1 OIDs (Object Identifiers) for the SHA algorithms, taken from ASN.1 OIDs (Object Identifiers) for the SHA algorithms, taken from
[RFC4055], are as follows: [RFC4055], are as follows:
id-sha1 OBJECT IDENTIFIER ::= { iso(1) id-sha1 OBJECT IDENTIFIER ::= { iso(1)
identified-organization(3) oiw(14) identified-organization(3) oiw(14)
secsig(3) algorithms(2) 26 } secsig(3) algorithms(2) 26 }
INTERNET-DRAFT SHAs, HMAC-SHAs, and HKDF INTERNET-DRAFT SHAs, HMAC-SHAs, and HKDF
id-sha224 OBJECT IDENTIFIER ::= {{ joint-iso-itu-t(2) id-sha224 OBJECT IDENTIFIER ::= {{ joint-iso-itu-t(2)
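Review bot: The id-sha224 definition opens with a doubled brace, "::= {{ joint-iso-itu-t(2)", in both -04 and -05, while the id-sha1 definition just above opens with a single "{". Suggest dropping the extra brace so the OID value is valid ASN.1 and can be copied into a module as written.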
skipping to change at page 19, line 15 skipping to change at page 19, line 15
INTERNET-DRAFT SHAs, HMAC-SHAs, and HKDF INTERNET-DRAFT SHAs, HMAC-SHAs, and HKDF
In addition, functions with the prefix USHA are provided that take a In addition, functions with the prefix USHA are provided that take a
SHAversion value (SHA$$$) to select the SHA function suite. They add SHAversion value (SHA$$$) to select the SHA function suite. They add
the following constants, structure and function: the following constants, structure and function:
Constants: Constants:
shaBadParam(4) constant returned by USHA functions when shaBadParam(4) constant returned by USHA functions when
presented with a bad SHAversion (SHA$$$) presented with a bad SHAversion (SHA$$$)
parameter or other illegal parameter values parameter or other illegal parameter values
USAMaxHashSize maximumof the SHA has sizes USAMaxHashSize maximum of the SHA hash sizes
SHA$$$ SHAversion enumeration values, used by usha, SHA$$$ SHAversion enumeration values, used by usha,
hmac and hkdf functions to select the SHA hmac and hkdf functions to select the SHA
function suite function suite
Structure: Structure:
typedef USHAContext typedef USHAContext
an opaque structure holding the complete state an opaque structure holding the complete state
for producing the hash for producing the hash
Functions: Functions:
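Review bot: The constant is listed as "USAMaxHashSize" in both versions, without the "H" of the "USHA" prefix that the preceding paragraph introduces. The -05 text fixes the description ("maximum of the SHA hash sizes") but leaves the name untouched. Check the name against the header file and correct it here if the code uses the USHA prefix.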
skipping to change at page 120, line 9 skipping to change at page 120, line 9
11. Acknowledgements 11. Acknowledgements
Thanks for the corrections to [RFC4634] that were provided by Alfred Thanks for the corrections to [RFC4634] that were provided by Alfred
Hoenes and Jan Andres and to Alfred's comments on the drafts hereof. Hoenes and Jan Andres and to Alfred's comments on the drafts hereof.
INTERNET-DRAFT SHAs, HMAC-SHAs, and HKDF INTERNET-DRAFT SHAs, HMAC-SHAs, and HKDF
12. References 12. References
RFC Editor Note: All occurances of "RFC NNNN" should be edited to Normative and Informative References appear below.
replace "NNNN" with this documents RFC number and this note should be
deleted.
12.1 Normative References 12.1 Normative References
[RFC2104] - Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed- [RFC2104] - Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed-
Hashing for Message Authentication", RFC 2104, February 1997. Hashing for Message Authentication", RFC 2104, February 1997.
[RFC5869] - Krawczyk, H. and P. Eronen, "HMAC-based Extract-and- [RFC5869] - Krawczyk, H. and P. Eronen, "HMAC-based Extract-and-
Expand Key Derivation Function (HKDF)", RFC 5869, May 2010. Expand Key Derivation Function (HKDF)", RFC 5869, May 2010.
[SHS] - "Secure Hash Standard", United States of American, National [SHS] - "Secure Hash Standard", United States of American, National
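Review bot: In the [SHS] reference, "United States of American" is carried over unchanged from -04 and should read "United States of America". Since this hunk already touches the References section to move the RFC Editor Note, the typo can be fixed in the same pass.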
skipping to change at page 122, line 7 skipping to change at page 122, line 7
3. Update boilerplate, remove special license in [RFC4634] as new 3. Update boilerplate, remove special license in [RFC4634] as new
boilerplate mandates simplified BSD license. boilerplate mandates simplified BSD license.
4. Replace MIT version of getopt with new code to satisfy IETF 4. Replace MIT version of getopt with new code to satisfy IETF
incoming and outgoing license restrictions. incoming and outgoing license restrictions.
5. Other assorted editorial improvements. 5. Other assorted editorial improvements.
INTERNET-DRAFT SHAs, HMAC-SHAs, and HKDF INTERNET-DRAFT SHAs, HMAC-SHAs, and HKDF
Appendix Z: Edit History Appendix Z: RFC Editor Note, Edit History
RFC Editor, Please delete this Appendix Z on publication. RFC Editor Note: All occurrences of "RFC NNNN" should be edited to
replace "NNNN" with this documents RFC number.
RFC Editor: Please delete this Appendix Z on publication.
Z.1 Changes from -00 to -01 Z.1 Changes from -00 to -01
Add hash function OIDs and informational reference to [RFC4055]. A Add hash function OIDs and informational reference to [RFC4055]. A
few Editorial changes and typo fixes. few Editorial changes and typo fixes.
Z.2 Changes from -01 to -02 Z.2 Changes from -01 to -02
In shatest.c, replace MIT getopt (xgetopt) code with new code to In shatest.c, replace MIT getopt (xgetopt) code with new code to
avoid possible conflict between MIT license and IETF required BSD avoid possible conflict between MIT license and IETF required BSD
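Review bot: The relocated RFC Editor Note corrects "occurances" to "occurrences" but still reads "this documents RFC number", which should be "this document's RFC number". Suggest fixing the possessive in the same edit.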
skipping to change at page 123, line 5 skipping to change at page 122, line 37
Problem with MIT getopt is given incompletely in -01 to -02 changes. Problem with MIT getopt is given incompletely in -01 to -02 changes.
Actual problem includes conflict with IETF incoming license Actual problem includes conflict with IETF incoming license
restriction. Also, add this change to Appendix giving changes from restriction. Also, add this change to Appendix giving changes from
RFC 4634. Update to incorporate RFC number for the HKDF RFC. RFC 4634. Update to incorporate RFC number for the HKDF RFC.
Numerous editorial changes. Numerous editorial changes.
Z.4 Changes from -03 to -04 Z.4 Changes from -03 to -04
Fix typos and nits. Fix typos and nits.
Z.5 Changes from -04 to -05
Resolve AD Review comments: Re-order some Abstract and Introduction
material. Make the RFC Editor notes more prominent.
INTERNET-DRAFT SHAs, HMAC-SHAs, and HKDF INTERNET-DRAFT SHAs, HMAC-SHAs, and HKDF
Author's Address Author's Address
Donald E. Eastlake, 3rd Donald E. Eastlake, 3rd
Stellar Switches Huawei
155 Beaver Street 155 Beaver Street
Milford, MA 01757 USA Milford, MA 01757 USA
Telephone: +1-508-333-2270 Telephone: +1-508-333-2270
EMail: d3e3e3@gmail.com EMail: d3e3e3@gmail.com
Tony Hansen Tony Hansen
AT&T Laboratories AT&T Laboratories
200 Laurel Ave. 200 Laurel Ave.
Middletown, NJ 07748 USA Middletown, NJ 07748 USA
 End of changes. 14 change blocks. 
24 lines changed or deleted 24 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/