change sha reference

author: Martin Schanzenbach <schanzen@gnunet.org> 2022-01-29 16:42:11 +0100
committer: Martin Schanzenbach <schanzen@gnunet.org> 2022-01-29 16:42:11 +0100
commit: b5db613f563c38d3861be6bebd49f134d324228b (patch)
tree: 5a840573034c21dfcf7ff0c5d9d751d647338fe1
parent: 0cd18093affb44f01f4cf7e99322091055af390e (diff)
download: lsd0001-b5db613f563c38d3861be6bebd49f134d324228b.tar.gz
lsd0001-b5db613f563c38d3861be6bebd49f134d324228b.zip
1 files changed, 40 insertions, 21 deletions
diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml
index eec9239..b323607 100644
--- a/draft-schanzen-gns.xml
+++ b/draft-schanzen-gns.xml
@@ -12,6 +12,7 @@
 <!ENTITY RFC5869 PUBLIC '' "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5869.xml">
 <!ENTITY RFC5890 PUBLIC '' "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5890.xml">
 <!ENTITY RFC5891 PUBLIC '' "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5891.xml">
+<!ENTITY RFC6234 PUBLIC '' "http://xml.resource.org/public/rfc/bibxml/reference.RFC.6234.xml">
 <!ENTITY RFC6781 PUBLIC '' "http://xml.resource.org/public/rfc/bibxml/reference.RFC.6781.xml">
 <!ENTITY RFC6895 PUBLIC '' "http://xml.resource.org/public/rfc/bibxml/reference.RFC.6895.xml">
 <!ENTITY RFC6979 PUBLIC '' "http://xml.resource.org/public/rfc/bibxml/reference.RFC.6979.xml">
@@ -82,7 +83,8 @@
  <abstract>
    <t>
      This document contains the GNU Name System (GNS) technical
-      specification. GNS is a decentralized and censorship-resistant name
+      specification.
+      GNS is a decentralized and censorship-resistant name
      system that provides a privacy-enhancing alternative to the Domain
      Name System (DNS).
    </t>
@@ -115,6 +117,11 @@
       DNS was not designed with security as a goal. This makes it very
       vulnerable, especially to attackers that have the technical capabilities
       of an entire nation state at their disposal.
+       While a wider discussion of this issue is out of scope for this document,
+       analyses and investigations can be found in recent academic research
+       works including <xref target="SecureNS"/>.
+     </t>
+     <t>
       This specification describes a censorship-resistant, privacy-preserving
       and decentralized name system: The GNU Name System (GNS) <xref target="GNS" />.
       It is designed to provide a secure, privacy-enhancing alternative to
@@ -946,8 +953,8 @@ zk' := (h mod L) * zk
        ]]></artwork>
       <t>
         The PKEY cryptosystem uses a hash-based key derivation function (HKDF) as defined in
-         <xref target="RFC5869" />, using SHA-512 <xref target="SHS"/> for the extraction
+         <xref target="RFC5869" />, using SHA-512 <xref target="RFC6234"/> for the extraction
-         phase and SHA-256 <xref target="SHS"/> for the expansion phase.
+         phase and SHA-256 <xref target="RFC6234"/> for the expansion phase.
         PRK_h is key material retrieved using an HKDF using the string
         "key-derivation" as salt and the zone key as initial
         keying material.
@@ -984,8 +991,8 @@ NONCE := HKDF-Expand (PRK_n, label, 32 / 8)
 ]]></artwork>
       <t>
         HKDF is a hash-based key derivation function as defined in
-         <xref target="RFC5869" />. Specifically, SHA-512 <xref target="SHS"/> is used for the
+         <xref target="RFC5869" />. Specifically, SHA-512 <xref target="RFC6234"/> is used for the
-         extraction phase and SHA-256 <xref target="SHS"/> for the expansion phase.
+         extraction phase and SHA-256 <xref target="RFC6234"/> for the expansion phase.
         The output keying material is 32 bytes (256 bits) for the symmetric
         key and 4 bytes (32 bits) for the nonce.
         The symmetric key K is a 256-bit AES <xref target="RFC3826" /> key.
@@ -1129,8 +1136,8 @@ zk' := h * zk
         <t>
           The EDKEY cryptosystem uses a
           hash-based key derivation function (HKDF) as defined in
-           <xref target="RFC5869" />, using SHA-512 <xref target="SHS"/> for the extraction
+           <xref target="RFC5869" />, using SHA-512 <xref target="RFC6234"/> for the extraction
-           phase and HMAC-SHA256 <xref target="SHS"/> for the expansion phase.
+           phase and HMAC-SHA256 <xref target="RFC6234"/> for the expansion phase.
           PRK_h is key material retrieved using an HKDF using the string
           "key-derivation" as salt and the zone key as initial
           keying material.
@@ -1203,8 +1210,8 @@ NONCE := HKDF-Expand (PRK_n, label, 32 / 8)
 ]]></artwork>
         <t>
           HKDF is a hash-based key derivation function as defined in
-           <xref target="RFC5869" />. Specifically, SHA-512 <xref target="SHS"/> is used for the
+           <xref target="RFC5869" />. Specifically, SHA-512 <xref target="RFC6234"/> is used for the
-           extraction phase and SHA-256 <xref target="SHS"/> for the expansion phase.
+           extraction phase and SHA-256 <xref target="RFC6234"/> for the expansion phase.
           The output keying material is 32 bytes (256 bits) for the symmetric
           key and 16 bytes (128 bits) for the NONCE.
           The symmetric key K is a 256-bit XSalsa20
@@ -1526,7 +1533,7 @@ q := SHA-512 (HDKD-Public(zk, label))
         <dd>
           Is the 512-bit storage key under which the resource records block is
           published.
-           It is the SHA-512 hash <xref target="SHS"/> over the derived zone key.
+           It is the SHA-512 hash <xref target="RFC6234"/> over the derived zone key.
         </dd>
       </dl>
     </section>
@@ -2718,6 +2725,7 @@ cae1789d
       &RFC5869;
       &RFC5890;
       &RFC5891;
+       &RFC6234;
       &RFC6895;
       &RFC6979;
       &RFC7748;
@@ -2736,17 +2744,6 @@ cae1789d
         </front>
       </reference>
-       <reference anchor="SHS" target="https://doi.org/10.6028/NIST.FIPS.180-4">
-         <front>
-           <title>Secure Hash Standard (SHS)</title>
-           <author initials="Q. H." surname="Dang" fullname="Quynh H. Dang">
-             <organization>NIST</organization>
-          </author>
-           <date year="2012" month="March"/>
-         </front>
-       </reference>
       <reference anchor="MODES" target="https://doi.org/10.6028/NIST.SP.800-38A">
         <front>
           <title>Recommendation for Block Cipher Modes of Operation: Methods and Techniques</title>
@@ -2934,6 +2931,28 @@ cae1789d
           <date year="2011"/>
         </front>
       </reference>
+       <reference anchor="SecureNS" target="https://sci-hub.st/https://doi.org/10.1016/j.cose.2018.01.018">
+         <front>
+           <title>Towards secure name resolution on the Internet</title>
+          <author initials="C." surname="Grothoff"
+            fullname="Christian Grothoff">
+          <organization>Bern University of Applied Sciences</organization>
+          </author>
+          <author initials="M." surname="Wachs"
+            fullname="Matthias Wachs">
+          <organization>Technische Universität München</organization>
+          </author>
+          <author initials="M." surname="Ermert"
+            fullname="Monika Ermert">
+          </author>
+          <author initials="J." surname="Appelbaum"
+            fullname="Jacob Appelbaum">
+          <organization>TU Eindhoven</organization>
+          </author>
+           <date year="2018"/>
+         </front>
+       </reference>
       <reference anchor="GNUnetGNS" target="https://git.gnunet.org/gnunet.git/tree/src/gns">
         <front>
author	Martin Schanzenbach <schanzen@gnunet.org>	2022-01-29 16:42:11 +0100
committer	Martin Schanzenbach <schanzen@gnunet.org>	2022-01-29 16:42:11 +0100
commit	b5db613f563c38d3861be6bebd49f134d324228b (patch)
tree	5a840573034c21dfcf7ff0c5d9d751d647338fe1
parent	0cd18093affb44f01f4cf7e99322091055af390e (diff)
download	lsd0001-b5db613f563c38d3861be6bebd49f134d324228b.tar.gz lsd0001-b5db613f563c38d3861be6bebd49f134d324228b.zip