[Babel-users] [babel] rather than ripemd160...
Juliusz Chroboczek
jch at irif.fr
Mon Nov 26 13:06:37 GMT 2018
> Anyway, the default hash function is sha256 in the hmac-challenge
> branch. I approve, there's hardware support for it, and if someone
> breaks it, civilization collapses, so an alternate hmac is a "good to
> have", and what's in that branch... is ripemd160.
From a standardisation point of view:
- HMAC-SHA256 is Mandatory to Implement;
- implementation may implement other MAC algorithms, and since no
algorithm identifier is carried on the wire, doing that requires no
further standardisation action.
From the point of view of the implementation, we need to clean up this
code to remove the dependency on OpenSSL. When we do that, we'll probably
remove the HMAC-RIPEMD160 code, and leave just SHA256. (Don't hold your
breath, though -- it's exam season for both the girls and myself.)
If we add another HMAC algorithm, we'll want to do it in agreement with
Toke, so that both implementations implement the same set of HMAC algorithms.
> Both blake and siphash seem like a superior choice for an alternate hmac
> function to ripemd160. In particular blake is subject of its own RFC,
> and comes in several clean highly optimized versions for x86 and arm
> architectures.
I hold no opinion on that at the current time, I'd need to consult my
colleagues.
-- Juliusz
More information about the Babel-users
mailing list