[gnutls-devel] GnuTLS | Do not use HMAC-SHA1 for session ticket authentication algorithm (#1482)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Sun May 7 04:14:03 CEST 2023
Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/issues/1482#note_1380868841

This turned out not so trivial, as it increases the entire key size from 64 to 80, which breaks the [assumption](https://gitlab.com/gnutls/gnutls/-/blob/0263dec937e02ab71fd9cb158fa69acf7c374481/lib/stek.c) of the key rotation logic. Perhaps we could switch the SHA3-512 usage to using SHAKE, generating 80-byte output, or repeatedly call the hash function.

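Added example (not GnuTLS code and not part of the notification above): the two alternatives the comment mentions for growing a time-slot-derived ticket key from 64 to 80 bytes, a SHAKE256 XOF call and counter-mode repetition of SHA3-512, shown side by side with the fixed 64-byte SHA3-512 derivation whose output length the rotation logic assumes. The field layout (16-byte key name, 32-byte cipher key, 16- or 32-byte MAC key), the master secret, the slot counter and all function names are assumptions for the illustration, not taken from lib/stek.c. The last helper demonstrates a caveat a reviewer would raise against the SHAKE option: raw SHAKE output is an extensible stream, so a 64-byte key is the prefix of the 80-byte key for the same input unless the requested length is mixed into the input.

```python
import hashlib
import hmac
import struct

# Assumed STEK layout for this illustration (sizes are not from the page).
KEY_NAME_SIZE = 16
CIPHER_KEY_SIZE = 32
MAC_KEY_SHA1_SIZE = 16     # old layout: 16 + 32 + 16 = 64 bytes (one SHA3-512 output)
MAC_KEY_SHA256_SIZE = 32   # new layout: 16 + 32 + 32 = 80 bytes

OLD_STEK_SIZE = KEY_NAME_SIZE + CIPHER_KEY_SIZE + MAC_KEY_SHA1_SIZE
NEW_STEK_SIZE = KEY_NAME_SIZE + CIPHER_KEY_SIZE + MAC_KEY_SHA256_SIZE


def _slot_input(master: bytes, slot: int) -> bytes:
    """Master secret followed by the big-endian rotation slot counter (assumed shape)."""
    return master + struct.pack(">Q", slot)


def derive_stek_sha3_512(master: bytes, slot: int) -> bytes:
    """Single SHA3-512 call: the digest is always 64 bytes, so this can only
    ever fill a 64-byte STEK.  This is the fixed-size assumption."""
    return hashlib.sha3_512(_slot_input(master, slot)).digest()


def derive_stek_shake256(master: bytes, slot: int, length: int) -> bytes:
    """SHAKE256 as an XOF: any output length from one call.  The requested
    length is prepended to the input so that STEKs of different sizes are
    not prefixes of one another (raw SHAKE output would be, see below)."""
    xof = hashlib.shake_256(struct.pack(">I", length) + _slot_input(master, slot))
    return xof.digest(length)


def derive_stek_repeated_sha3_512(master: bytes, slot: int, length: int) -> bytes:
    """Counter-mode expansion with a fixed-output hash: concatenate
    SHA3-512(master || slot || i) for i = 0, 1, ... and truncate to length."""
    out = b""
    block = 0
    while len(out) < length:
        out += hashlib.sha3_512(_slot_input(master, slot) + struct.pack(">I", block)).digest()
        block += 1
    return out[:length]


def split_stek(stek: bytes, mac_key_size: int):
    """Split a derived STEK into (key_name, cipher_key, mac_key); the size
    check is exactly what breaks when the MAC key grows but the derivation
    still yields 64 bytes."""
    expected = KEY_NAME_SIZE + CIPHER_KEY_SIZE + mac_key_size
    if len(stek) != expected:
        raise ValueError(f"STEK is {len(stek)} bytes, layout needs {expected}")
    name = stek[:KEY_NAME_SIZE]
    enc = stek[KEY_NAME_SIZE:KEY_NAME_SIZE + CIPHER_KEY_SIZE]
    mac = stek[KEY_NAME_SIZE + CIPHER_KEY_SIZE:]
    return name, enc, mac


def ticket_tag(mac_key: bytes, ticket_body: bytes) -> bytes:
    """HMAC-SHA256 over the encrypted ticket body, the replacement for HMAC-SHA1."""
    return hmac.new(mac_key, ticket_body, hashlib.sha256).digest()


def shake_prefix_leak(master: bytes, slot: int) -> bool:
    """Caveat: without a length (or other domain-separation) input, the
    64-byte SHAKE256 output is literally the first 64 bytes of the 80-byte
    output for the same input.  Returns True to show the property."""
    data = _slot_input(master, slot)
    short = hashlib.shake_256(data).digest(64)
    long = hashlib.shake_256(data).digest(80)
    return long[:64] == short


if __name__ == "__main__":
    master = b"\x42" * 32            # constructed sample master secret
    slot = 2784                      # constructed sample rotation slot
    ticket = b"constructed-encrypted-ticket-body"

    old = derive_stek_sha3_512(master, slot)
    print("SHA3-512 derivation:", len(old), "bytes")
    try:
        split_stek(old, MAC_KEY_SHA256_SIZE)
    except ValueError as e:
        print("80-byte layout over 64-byte derivation fails:", e)

    for label, stek in (("SHAKE256", derive_stek_shake256(master, slot, NEW_STEK_SIZE)),
                        ("repeated SHA3-512", derive_stek_repeated_sha3_512(master, slot, NEW_STEK_SIZE))):
        _, _, mac_key = split_stek(stek, MAC_KEY_SHA256_SIZE)
        print(f"{label}: {len(stek)} bytes, tag {ticket_tag(mac_key, ticket).hex()[:16]}...")

    print("raw SHAKE 64-byte key is prefix of 80-byte key:", shake_prefix_leak(master, slot))
```

Both expansion options give an 80-byte STEK from the same inputs; the difference that matters for key rotation is that SHAKE needs the output length bound into the input to avoid the prefix relation, whereas the counter-mode construction separates blocks by the counter and truncation alone.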