[Top] [All Lists]

Re: Questions on AuthenticatedData

2001-10-07 18:46:10

"Jim Schaad" <jimsch(_at_)nwlink(_dot_)com> writes:

1.  Should we specify a suggested size for the randomly generated secret to be
used for HMAC-SHA1?  (The size for HMAC-3DES is fixed at the size of a 3DES

The convention seems to be to use a 160-bit value (even if the spec says that
algorithms with variable-length keys use a 128-bit key and you use that and
then spend half a day trying to figure out why your MACs are failing when all
the other side tells you is "Bad MAC").


<Prev in Thread] Current Thread [Next in Thread>