JEP 287: SHA-3 Hash Algorithms

ecki at zusammenkunft.net ecki at zusammenkunft.net
Thu Apr 21 08:40:52 UTC 2016


Hello,

Just noticed, the validation program allows BIT- or BYTE-only APIs, the existing ones are all BYTE constrained. That would be a good definition in the JEP:

http://csrc.nist.gov/groups/STM/cavp/documents/sha3/sha3val.html

Gruss
Bernd
-- 
http://bernd.eckenfels.net

-----Original Message-----
From: ecki at zusammenkunft.net
To: security-dev at openjdk.java.net
Sent: Do., 21 Apr. 2016 10:36
Subject: Re: JEP 287: SHA-3 Hash Algorithms

Hello,

This is good news. Could the JEP talk about non-octet input length? If I read SHA3 correctly it will produce different hashes for 5- or 8-bit input. This means you cannot pad the input to byte boundaries and you would have to specify a length parameter to byte[] based doFinal().

Since the JEP mandates the NIST test vectors I guess the functionality cannot be skipped, as those specify odd input messages.

With the recent work on HKDF is therr also a plan to provide a XOF API for sponge? 

Gruss
Bernd

-- 
http://bernd.eckenfels.net

-----Original Message-----
From: mark.reinhold at oracle.com
To: valerie.peng at oracle.com
Cc: security-dev at openjdk.java.net
Sent: Mi., 20 Apr. 2016 20:46
Subject: JEP 287: SHA-3 Hash Algorithms

New JEP Candidate: http://openjdk.java.net/jeps/287

- Mark


More information about the security-dev mailing list