cSHAKE String #35

kc2rxo · 2023-03-03T20:03:38Z

There is a comment in the document asking the following question about the cSHAKE hash use.

Should the cSHAKE string be:

"Remote ID Auth Hash" -- current
DET Context ID (i.e. 0x00B5 A69C 795D F5D5 F008 7F56 843F 2C40)
New Context ID

kc2rxo · 2023-07-12T16:38:57Z

Looks like this is still left hanging. We can keep it as is or do we have a preference to change it?

rgmhtt · 2023-07-31T19:52:03Z

First per SP800-185 pg 7, "L" (the 2nd argument) is in bits, not bytes. So

cSHAKE128(ASTM Message, 64, "", "Remote ID Auth Hash")

Then, "Remote ID Auth Hash" is a perfectly good value of "S", the customization bit string. Though sometimes a bit representation is provided so there are no mistakes. Take, pg 10 in above for KMAC:

N ="KMAC" = 11010010 10110010 10000010 11000010

Presenting in hex is also acceptable so it is not too long. Thus there is no question of the text to bit encoding rules.

Finally, replace:

  Informative Note: [RFC9374] specifies cSHAKE128 but is open for
  the expansion of other OGAs.

with

  Informative Note: For OGAs other than "5" [RFC9374], use the construct
 appropriate for the associated hash.  e.g. for "2" which is ECDSA/SHA-384:

       Ltrunc( SHA-384( ASTM Message | "Remote ID Auth Hash" ), 8 )

kc2rxo · 2023-09-20T16:53:31Z

Added in -35

kc2rxo added a commit that referenced this issue Mar 3, 2023

refactor: replaced comments with issues #35-38

719f502

kc2rxo mentioned this issue Mar 3, 2023

Fixing various issues #40

Merged

kc2rxo closed this as completed Sep 20, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

cSHAKE String #35

cSHAKE String #35

kc2rxo commented Mar 3, 2023

kc2rxo commented Jul 12, 2023

rgmhtt commented Jul 31, 2023

kc2rxo commented Sep 20, 2023

cSHAKE String #35

cSHAKE String #35

Comments

kc2rxo commented Mar 3, 2023

kc2rxo commented Jul 12, 2023

rgmhtt commented Jul 31, 2023

kc2rxo commented Sep 20, 2023