commit c19a39d00ad3df61d215792cd7b578758ced5389
parent 267fb8ebe469a235205c834b9a36166c16b0c6c1
Author: Mikolai Gütschow <mikolai.guetschow@tu-dresden.de>
Date: Mon, 8 Jul 2024 09:47:08 +0200
crypto primitives: polish hashes
Diffstat:
2 files changed, 151 insertions(+), 55 deletions(-)
diff --git a/draft-guetschow-taler-protocol.md b/draft-guetschow-taler-protocol.md
@@ -34,6 +34,7 @@ normative:
RFC5869:
RFC6234:
HKDF: DOI.10.1007/978-3-642-14623-7_34
+ SHS: DOI.10.6028/NIST.FIPS.180-4
informative:
@@ -61,13 +62,53 @@ Use at your own risk!
### SHA-256 {#sha256}
-Taler uses SHA-256 as defined in Section 5.1 of [RFC6234].
+~~~
+SHA-256(msg) -> hash
+
+Input:
+ msg input message of length L < 2^64 bits
+
+Output:
+ hash message digest of fixed length L' = 256 bits
+~~~
+
+`hash` is the output of SHA-256 as per Sections 4.1, 5.1, 6.1, and 6.2 of [RFC6234].
### SHA-512 {#sha512}
-Taler uses SHA-512 as defined in Section 5.2 of [RFC6234].
+~~~
+SHA-512(msg) -> hash
+
+Input:
+ msg input message of length L < 2^128 bits
+
+Output:
+ hash message digest of fixed length L' = 512 bits
+~~~
+
+`hash` is the output of SHA-512 as per Sections 4.2, 5.2, 6.3, and 6.4 of [RFC6234].
+
+### SHA-512-256 (truncated SHA-512) {#sha512-trunc}
+
+~~~
+SHA-512(msg) -> hash
+
+Input:
+ msg input message of length L < 2^128 bits
+
+Output:
+ hash message digest of fixed length L' = 256 bits
+~~~
+
+The output `hash` corresponds to the first 256 bit of the output of SHA-512 defined in {{sha512}}:
+
+~~~
+temp = SHA-512(msg)
+hash = temp[0:255]
+~~~
+
+Note that this operation differs from SHA-512/256 as defined in [SHS] in the initial hash value.
-### Truncated SHA-512 {#sha512-trunc}
## Key Derivation Functions
@@ -82,12 +123,12 @@ HMAC-SHA256 (HMAC [RFC2104] instantiated with SHA-256, cf. {{sha256}}) is used f
HKDF(salt, IKM, info, L) -> OKM
Inputs:
- salt optional salt value (a non-secret random value);
+ salt optional salt value (a non-secret random value);
if not provided, it is set to a string of 64 zeros.
- IKM input keying material
- info optional context and application specific information
+ IKM input keying material
+ info optional context and application specific information
(can be a zero-length string)
- L length of output keying material in octets
+ L length of output keying material in octets
(<= 255*32 = 8160)
Output:
diff --git a/draft-guetschow-taler-protocol.xml b/draft-guetschow-taler-protocol.xml
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?>
- <!-- generated by https://github.com/cabo/kramdown-rfc version 1.7.5 (Ruby 3.1.2) -->
+ <!-- generated by https://github.com/cabo/kramdown-rfc version 1.7.17 (Ruby 3.1.2) -->
<!DOCTYPE rfc [
@@ -29,7 +29,7 @@
</address>
</author>
- <date year="2024" month="March" day="28"/>
+ <date year="2024" month="July" day="08"/>
<workgroup>independent</workgroup>
@@ -38,7 +38,7 @@
<abstract>
-<?line 41?>
+<?line 42?>
<t>[ TBW ]</t>
@@ -53,7 +53,7 @@
<middle>
-<?line 45?>
+<?line 46?>
<section anchor="introduction"><name>Introduction</name>
@@ -76,15 +76,54 @@ Use at your own risk!</t>
<section anchor="sha256"><name>SHA-256</name>
-<t>Taler uses SHA-256 as defined in Section 5.1 of <xref target="RFC6234"></xref>.</t>
+<figure><artwork><![CDATA[
+SHA-256(msg) -> hash
+
+Input:
+ msg input message of length L < 2^64 bits
+
+Output:
+ hash message digest of fixed length L' = 256 bits
+]]></artwork></figure>
+
+<t><spanx style="verb">hash</spanx> is the output of SHA-256 as per Sections 4.1, 5.1, 6.1, and 6.2 of <xref target="RFC6234"></xref>.</t>
</section>
<section anchor="sha512"><name>SHA-512</name>
-<t>Taler uses SHA-512 as defined in Section 5.2 of <xref target="RFC6234"></xref>.</t>
+<figure><artwork><![CDATA[
+SHA-512(msg) -> hash
+
+Input:
+ msg input message of length L < 2^128 bits
+
+Output:
+ hash message digest of fixed length L' = 512 bits
+]]></artwork></figure>
+
+<t><spanx style="verb">hash</spanx> is the output of SHA-512 as per Sections 4.2, 5.2, 6.3, and 6.4 of <xref target="RFC6234"></xref>.</t>
</section>
-<section anchor="sha512-trunc"><name>Truncated SHA-512</name>
+<section anchor="sha512-trunc"><name>SHA-512-256 (truncated SHA-512)</name>
+
+<figure><artwork><![CDATA[
+SHA-512(msg) -> hash
+
+Input:
+ msg input message of length L < 2^128 bits
+
+Output:
+ hash message digest of fixed length L' = 256 bits
+]]></artwork></figure>
+
+<t>The output <spanx style="verb">hash</spanx> corresponds to the first 256 bit of the output of SHA-512 defined in <xref target="sha512"/>:</t>
+
+<figure><artwork><![CDATA[
+temp = SHA-512(msg)
+hash = temp[0:255]
+]]></artwork></figure>
+
+<t>Note that this operation differs from SHA-512/256 as defined in <xref target="SHS"></xref> in the initial hash value.</t>
</section>
</section>
@@ -101,12 +140,12 @@ HMAC-SHA256 (HMAC <xref target="RFC2104"></xref> instantiated with SHA-256, cf.
HKDF(salt, IKM, info, L) -> OKM
Inputs:
- salt optional salt value (a non-secret random value);
+ salt optional salt value (a non-secret random value);
if not provided, it is set to a string of 64 zeros.
- IKM input keying material
- info optional context and application specific information
+ IKM input keying material
+ info optional context and application specific information
(can be a zero-length string)
- L length of output keying material in octets
+ L length of output keying material in octets
(<= 255*32 = 8160)
Output:
@@ -256,6 +295,17 @@ while true:
<seriesInfo name="ISBN" value="["9783642146220", "9783642146237"]"/>
<refcontent>Springer Berlin Heidelberg</refcontent></reference>
+<reference anchor="SHS">
+ <front>
+ <title>Secure Hash Standard</title>
+ <author fullname="Quynh H. Dang" initials="Q." surname="Dang">
+ <organization/>
+ </author>
+ <date month="July" year="2015"/>
+ </front>
+ <seriesInfo name="DOI" value="10.6028/nist.fips.180-4"/>
+<refcontent>National Institute of Standards and Technology</refcontent></reference>
+
@@ -263,7 +313,7 @@ while true:
-<?line 160?>
+<?line 201?>
<section anchor="change-log"><name>Change log</name>
@@ -281,42 +331,47 @@ Education and Research (BMBF) within the project Concrete Contracts.</t>
</back>
<!-- ##markdown-source:
-H4sIAAAAAAAAA+1X23LbNhB9x1dsnRepNWVJvsRm6k59jT225YwvkwfH00Ak
-RKKCAA4IWlZc58v61h/rLkBJli8zbZ+bycggsNjrOctlFEXsLoZVxpx0SsSw
-dJUL+Ni7hiuuhIVP1jiTGLXEUpNoPkKJ1PKBi7JKuDLJzThyJBgVtSBLuBOZ
-sZMYpB4YxmRhY3C2Kl233d5qd9nY2GFmTVWQRCoKgT/asdJZwUeLe0MxQek0
-ZgAReDt+ldhJ4UxmeZFP/IZIeJn7VcEnI7xZMvYO7oSuRIwLACsKE0PuXFHG
-KyuZdK1MV1q4lrHZiirTNrrWwu0VL60whNLN5VHgFfkVxnjlcmPRvQiNA4T8
-nMmhUVzCx7/+DBnyZ3gxhqvrfdi3osTg4FrLO2FL6SZgBnAlklwbZbKJl+b9
-vhV3dGEq77cpRwIdOxJqlBvlvuFGCzptf5igqnhBPDEp+rMftTvtja16p9KO
-avNR2BHXwZgYcaliGAW/W7PK/uqqKA3qWqlgTBu849BrqsfF4V63016rl+ub
-G1v1cqO76nePTvYP0fj5cavTxv/t9ytb7zej1WhjrRt11lAqev/b6hriA1Ey
-08tYFEUYPcbFE8fYlxu42v0MX27DwUimqRJU22MMw6RV4qTRC2K7YsytAJdz
-hz+yBMRtRZAAXJdOKgUEwEhqgmyG4ZXAdQojPsHsaMelBmGtsWWLXZcCUM3E
-VBbMWIOV5fAHst4zjgfLEXzl8Af0vwJmySBs0KggRUQD7YWovBzG0uXQp8t7
-c/TKBAkmR5KCJ8g+PzxCWMNhpX2YXuAdXB7tRN31DXh4V+YcF4+MBapWJVqf
-nnIMXAykFikSCi6F1wDrrQ55c1OX6bY1V7ne6QaVuHipkk7fUtl9TeWVrXwK
-0hfKI0dHjz7aEzGBfWHlXUjUs0gJQXgtH6YD8gjzSvlAlW9cgwbdaJLX3sUQ
-g6T64mPpuHZyVpGbGrW3zFfGjQ2kcjAQlqCSU94HU28AAerLenDvYenxcnBf
-0J/SiYIyU1ZZhj0jGL4hPzATR2c7exHGT+E36MFbJdrcPnEI73gX6kQtQzJo
-wcNDXYrHJkXgQyI3vpLqqHbk69wE1fyfmUDJJyYIQG+YoPjQAvv+/TujrUbJ
-lVuG45OzZd/al+G0CdEvcH5yxtixLipXxqFLoRz4nldQ/rgKO3dcVQIaHLTR
-USkSKxxYtGFG4aj5wd+e/5MDFHWANL2TqUjRaiAx3nMGKYVNQuqMirmxBt+E
-NUhZuoce1grIKcCXCIlhi0HIcMXCycAsukjcF/ehtrwolEwCVMpCJHKAXJz1
-KaOf+dlIEGB9bBXeiUgJnWGug3dNL3s6Fa3P0GVTuVecI/SYxGEDfm7j523o
-rq//uNqFbdjsbLSbjJ17FSHn59OY39DbQJOnteqmL6knVC1NtzGzCVdJpTxc
-OKFeKTPGmnrxTxcnaPkp+uZ4aAZ0+W61PccxPZ/im24b68PIxOw+QauBGp8A
-6bkGD9O5htVucHraF6Izk2Kz5wRarBKx07eLJx3q4cF3jsfl8B6Y0hlnAVdZ
-7bsCOeXfFASrEVfUL/BZYykzbMlYVZmBrkZ93O89oQJZb/SW4RkjXqdDb1rD
-ubIP0OtLVy68M+bQ6JH3dP4/m16w6d+BfqGmvf+E+57y+EuEVI1QtBXYbLJx
-LpWgsVbE88EKLW1DPYzhqos15aWDUmaagsZeXDOQsjy9gbXGwdLPJP2JQ9ds
-6sdcgPuaMM8bL84byTL0kBihu+AMg0XESKGPMaHvhFbvqv9BA/esRsA9/Ay9
-eJbxQMr72TMOnXy4EM9P29CZMg/HHh3tKhzQ4RJD4kgjUb+qD1JsTp0tL/W6
-xOH+UXRxuRMe9hTH1010STOvtTQUUVHC+zpMQLMPD6/yMzYH/OwYc3qk0aOy
-NDfv4csZsWx5PTT4MXDfj4E4Ie70dl5IYASiFWbJPk+GfhxDbGRIP5PR004y
-1GasRJqFz4iHODBWpNtLA65KsfS4YOeKWgsVD8Z+CigKY+spoODWQX/iyR3G
-bTgU5IvCTwQtEdE0+bMDnGIDOYgsF1hLbpMcGrtnu4ehLcrQ35C5v+PQRTER
-2wUtfCNGov4NMZRdgccNAAA=
+H4sIAAAAAAAAA81XbVMbyRH+vr+iY3+IdGGFJEAG3ZEKL8ZQgOwyuO4DR8Jo
+d7SaYzWzNTuL0PnwL8u3/LE8PbN6w/aVL1eVhHLJu7P93k/3dMdxHD30aSuK
+nHK57NOL67GkN4MPdC1yaemdNc4kJn8RpSbRYgKK1IqRi7NKujIZm2nsmDAu
+asIoEU5mxs76pPTIRJEqbJ+crUrXbbf32t1oaux9Zk1VMEUqC4kf7aLSWSkm
+62f3cgbqtB8RxeT1+KfEzgpnMiuK8cwfyESUY/9UiNkEnGUUvaQHqSvZxwOR
+lYXp09i5ouxvbmbKtTJdaelaxmabeZm2YVoLx5ueOocLpVvSg+AL9JtRJCo3
+NhbmxVBOFOJzqe5NLhS9+dc/Q4T8NzD26frDMR1bWcI5+qDVg7SlcjMyI7qW
+yVib3GQzTy2GQysfmGFO7485RhKGncp8Mja5+wUHLeq0/ccEovpr5IlJYc9x
+3O60e3v1SaUd5+aNtBOhgzI5ESrv0yTY3Vpk9m+uitMgrpXKKNIGPA5Wcz7e
+nxx1O+3t+nFnt7dXP/a6W/709Pz4BMrfnrU6bfxrv9rce7Ubb8W97W7c2QZV
+/OofW9sgvDq9WtD12t3dzcHZ1XXr5OzdVauz2463ASEAaaE6iuI4RoDgukhc
+FP10Q9eHP9JPt+HDRKVpLjn9Z/DUpFXilNFrZIdyKqwkNxYOP6okQLti1BCe
+S6fynBijsdKM6gwRKEnolCZihgBqJ5Qmaa2xZSv6UEqCmJmpLJmpJqvK+z+x
+9oFxImiO6U7QrzS8IwTSAFlQKlkQV4r2RIwAQVPlxjRk5qMlwFWCGlQTxc4z
+qp9/PAXy6aTS3k1P8BIRPYi7Oz36+LIcCzw8RdGnT5+i+rgxKbMmxX+lMRdN
+dKaLyvU9EPCB/J/iM5rAcZFJNi6XOoNxF/QDdf/e26ah4hJ7W7kFLwvzvHOu
+VGUoImYeqUeZLkT8mfaJjfMi2KzojnnvOPgcGOOFMt/cDVFSgVZ0JYOPtN3q
+bNAO//T4h1PTa3WZ46bG321rGYidTjcEAg8rgcDbHw5Ep7v7RyPB1n1bJJjy
+80h0ORJdjsTWPBLbvxEJH88GurEHXzo/bi4iFPtv/39xWkfM9TI6dcgSY1Gn
+hdEpYmd8+EbKQlrNyFK/HNNUjpSGNhT1x481TJ76IQBOTgooX41D5M3eJ/50
+0+53d3Zug00o+NWeYpCoUNupGo3Q6GlkzWQuarPG9YryG/TBW35gM5VGwYs8
+xOhB5JVEHrn4z+WMjqVVD0H2s8LnnotUju/T0VOIErcHyP8KGzWYo0lVGWwI
+d77idofX0gkNK+YN6qbu87eRb1RuamrXuHN6Q0dzawj92vvx+tF3aY/M148F
+/1c6WbDrZZVxumvn2Q5g9fTy4ChGjDgxDX7xWvmiuV0xCDzehDqYG5SMWivJ
+a7IH3iU2445Fx7Uhd0sVvhK+SQUoV1RwP/2KCvYPGjwe+KhRitxt0Nn55YYf
+hjbowtfR2/PLuozKUApM54eEgsOHvPsDn3dqCNJGx6VMrHRkoQIw8p+a30e0
+9qdGIHWES+tBpTKF0nClgQ81IXh8UDrjXKKF/yKtwQXGfDBwpYoxdDEV7lsA
+RuRR+DIyawbyPSgfQ2JFUeQqCTgpC5moEe6lxZ1t9DMrGwnQNcS16U2I6yoP
+tjU97UVNWX+CvXXZPjONkWMSh3HluYofuGPsfLfVRaXudnrt5nrreVs7/DW5
+Dai8qEU3P2s5zI2wJiJPqtxDRTDi89xMy7pxvHt/Ds2ryFtioRmQdRr6yALD
+/H6BuXAfyYlYxYKfYdWAxBUQPZfgIbqUsNUNRs97QnxpUsw9ggFrQofxrWKt
+9/mu8bQR2te8lDE5u8pq3xHYKN/gGFMTkXOvwLtGJjNMJ0iqykhXkyHOBytl
+wNobgw16Vg1fLoXBPIdLYd/TgFv/2vi0hMaArfdXw2ol/a9L6Rtq6b9QTL8P
+9Gs5HfxHuB/kHn+JVHkjJG2TdpvRdKxyyUug7C/XEGjap3p14RseORW4sEuV
+aXYafbiuQI7ynAO5xhrmx/PhDBcutkO/FBI91gXzvOli9E42aIDCCM0FYwKS
+CE9pCJ9gO6PVm+p/oOAxqhHwiOll0F9EPBTl4+IdK5q4X/PnL/vUmVceNgAd
+H+ZYZ+kKLgmUkayv6dcpmlNnz1N9meLk+DR+f3UQXo5ygasmvuIN0VreDzgp
+4a4Oy8BiTfcif0RzwJI+FfzKw2Jlecs8wsUMLIeppKw3omO/EWFZOhgcfEYB
+D3ju4LVqKJJ7v5kAGxjVsKjy20Fyr800l2kWlu6P/VCxMt1/MRJ5KV88rem5
+5tbCyaOpnwCKwth6AiiEdTSc+eIOyymdSLYlx0KtFRDNe3L0GgtdKA4ulvfI
+pbDJmBqHl4cnoS3WExQq92eMyewTV7vkB9+IUaj/BjAzhDH1EAAA
-->
