Re: IPSec hmac(sha256) truncation bits length

Hi Nicolae,

up to the Linux 2.6.32 kernel the SHA256 hash was erroneously truncated
to 96 bits. With Linux 2.6.33 the correct truncation to 128 bits
was introduced as well as the SHA384_192 and SHA512_256 data integrity
algorithms. If you want to apply the correct SHA2 truncation, use
XFRMA_ALG_AUTH_TRUNC instead of XFRMA_ALG_AUTH.

Best regards

Andreas

On 03/04/2015 06:13 PM, Nicolae Rosia wrote:
> Hello,
> 
> I'm trying to understand why icv_truncbits is set to 96 for
> hmac(sha256) in xfrm_algo.c because
> RFC4868 [1] says that the truncation length for HMAC-SHA256 should be 128.
> Am I looking in the wrong place?
> 
> [1] https://tools.ietf.org/html/rfc4868#section-2.6
> 
> Best regards,
> Nicolae Rosia

-- 
======================================================================
Andreas Steffen                         andreas.steffen@xxxxxxxxxxxxxx
strongSwan - the Open Source VPN Solution!          www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
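
The attribute named in the reply above, as an added example (not code from the thread, the kernel or strongSwan): building an `XFRMA_ALG_AUTH_TRUNC` netlink attribute that requests the 128-bit truncation for `hmac(sha256)`. `put_auth_trunc` is a hypothetical helper and the key is a constructed sample; sending the attribute in a real SA request is left out.

```c
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <linux/rtnetlink.h>  /* struct rtattr, RTA_* macros */
#include <linux/xfrm.h>       /* struct xfrm_algo_auth, XFRMA_ALG_AUTH_TRUNC */

/*
 * Hypothetical helper: write one XFRMA_ALG_AUTH_TRUNC attribute into buf
 * (buf must be 4-byte aligned). XFRMA_ALG_AUTH carries struct xfrm_algo,
 * which has no truncation field, so the kernel applies its per-algorithm
 * default; struct xfrm_algo_auth adds alg_trunc_len so the caller sets the
 * ICV length explicitly. Returns the aligned attribute size, 0 on bad input.
 */
size_t put_auth_trunc(void *buf, size_t buflen, const char *name,
                      const unsigned char *key, unsigned int key_bytes,
                      unsigned int trunc_bits)
{
    size_t payload = sizeof(struct xfrm_algo_auth) + key_bytes;
    size_t total = RTA_SPACE(payload);
    struct rtattr *rta = buf;
    struct xfrm_algo_auth *alg;

    if (total > buflen || total > 0xFFFF)
        return 0;                          /* does not fit buffer or rta_len */
    if (strlen(name) >= sizeof(alg->alg_name))
        return 0;                          /* name must be NUL-terminated */
    if (trunc_bits == 0 || trunc_bits % 8 != 0)
        return 0;                          /* ICV is a whole number of bytes */

    memset(buf, 0, total);
    rta->rta_type = XFRMA_ALG_AUTH_TRUNC;
    rta->rta_len = (unsigned short)RTA_LENGTH(payload);
    alg = RTA_DATA(rta);
    strcpy(alg->alg_name, name);
    alg->alg_key_len = key_bytes * 8;      /* both lengths are in bits */
    alg->alg_trunc_len = trunc_bits;
    memcpy(alg->alg_key, key, key_bytes);
    return total;
}

int main(void)
{
    unsigned int buf[64];                  /* 4-byte aligned scratch buffer */
    unsigned char key[32];
    memset(key, 0x0b, sizeof(key));        /* constructed sample key */
    size_t n = put_auth_trunc(buf, sizeof(buf), "hmac(sha256)", key, sizeof(key), 128);
    printf("attribute bytes: %zu, ICV bytes on the wire: %u\n", n, 128 / 8);
    return n ? 0 : 1;
}
```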
