[14865] in cryptography@c2.net mail archive

home help back first fref pref prev next nref lref last post

Re: origin of SHA 224 initial hash values

daemon@ATHENA.MIT.EDU (Jeroen C.van Gelderen)
Sat Dec 6 19:56:21 2003

X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <E872D604-27C5-11D8-A886-000A9573C58A@kingprimate.com>
Cc: crypto list <cryptography@metzdowd.com>
From: Jeroen C.van Gelderen <jeroen@vangelderen.org>
Date: Sat, 6 Dec 2003 14:36:35 -0500
To: Jeremiah Rogers <jeremiah@kingprimate.com>


On Dec 6, 2003, at 3:26, Jeremiah Rogers wrote:

> I'm having trouble pinpointing the origin of the initial hash values 
> for SHA 224 and, for that matter, 128. These values are defined as hex 
> representations of cube roots of primes for sha-1 of lengths 256, 384 
> and 512, but  I can't find where they were obtained for the shorter 
> lengths.
>
> Thanks and apologies if this is something well known.

I'd like to second this request for clarification.

I noted that 224 yields a security level identical to 2-key Triple DES.

A quick Google search reveals that SHA-224 is mentioned a few times, in
   draft-ietf-pkix-rsa-pkalgs-01.txt
   draft-ietf-smime-cms-rsa-kem-01.txt
among others.

A draft-ietf-pkix-sha224-00.txt is referenced but not yet available 
from the IETF website.



       *  80-bit security. The RSA key size SHOULD be at least 1024 bits,
          the hash function underlying KDF2 SHOULD be SHA-1 or above, and
          the symmetric key-wrapping scheme SHOULD be AES Key Wrap or
          Triple-DES Key Wrap.

       *  112-bit security. The RSA key size SHOULD be at least 2048
          bits, the hash function underlying KDF2 SHOULD be SHA-224 or
          above, and the symmetric key-wrapping scheme SHOULD be AES Key
          Wrap or Triple-DES Key Wrap.

       *  128-bit security. The RSA key size SHOULD be at least 3072
          bits, the hash function underlying KDF2 SHOULD be SHA-256 or
          above, and the symmetric key-wrapping scheme SHOULD be AES Key
          Wrap.

       -- draft-ietf-smime-cms-rsa-kem-01.txt, pg4

-J

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
home help back first fref pref prev next nref lref last post