draft-ietf-lamps-pkix-shake-00

Slides:

Advertisements

Similar presentations

Position Paper W3C Workshop Mountain View

Advertisements

1 Some Current Thinking on Hash Functions Within NIST John Kelsey, NIST, June 2005.

Information Security Principles & Applications Topic 4: Message Authentication 虞慧群

Hash functions a hash function produces a fingerprint of some file/message/data h = H(M)  condenses a variable-length message M  to a fixed-sized fingerprint.

Announcements:Questions? This week: Discrete Logs, Diffie-Hellman, ElGamal Discrete Logs, Diffie-Hellman, ElGamal Hash Functions and SHA-1 Hash Functions.

SHA (secure hash algorithm) Jen-Chang Liu, 2005 Adapted from lecture slides by Lawrie Brown.

Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.

Cryptography1 CPSC 3730 Cryptography Chapter 13 Digital Signature Standard (DSS)

S/MIME v3.2 draft-ietf-smime-3850bis-00.txt draft-ietf-smime-3851bis-00.txt Sean Turner Blake Ramsdell.

CSE 597E Fall 2001 PennState University1 Digital Signature Schemes Presented By: Munaiza Matin.

XMSS - A Practical Forward Secure Signature Scheme based on Minimal Security Assumptions J. Buchmann, E. Dahmen, A. Hülsing | TU Darmstadt |

Bob can sign a message using a digital signature generation algorithm

DSA (Digital Signature Algorithm) Tahani Aljehani.

Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 21 “Public-Key Cryptography.

Digital Signatures: Mathematics Zdeněk Říha. Data authentication Data integrity + data origin Digital signature Asymmetric cryptography public and private.

HASH Functions.

Hash and MAC Algorithms Dr. Monther Aldwairi New York Institute of Technology- Amman Campus 12/3/2009 INCS 741: Cryptography 12/3/20091Dr. Monther Aldwairi.

Key Management Workshop November 1-2, Cryptographic Algorithms, Keys, and other Keying Material  Approved cryptographic algorithms  Security.

Certificates and FIPS 201 Tim Polk March 3, 2006.

PKCS #1 v2.1: RSA Cryptography Standard

RSA Data Security, Inc. PKCS #1 : RSA Cryptography Standard Jessica Staddon RSA Laboratories PKCS Workshop October 7, 1998.

1 Number Theory and Advanced Cryptography 6. Digital Signature Chih-Hung Wang Sept Part I: Introduction to Number Theory Part II: Advanced Cryptography.

1 Strengthening Digital Signatures via Randomized Hashing Shai Halevi and Hugo Krawczyk IBM Research.

Comments on draft-ietf-pkix-scvp-19.txt IETF Meeting Paris - August 2005 Denis Pinkas

Certificate Requests to HIP Jani Pellikka 80 th IETF Mar 27 th – Apr 1 st 2011 Prague, Czech Republic.

Hash Algorithms see similarities in the evolution of hash functions & block ciphers –increasing power of brute-force attacks –leading to evolution in algorithms.

Cryptographic Hash Functions and Protocol Analysis

SRI International 1 Topology Dissemination Based on Reverse-Path Forwarding (TBRPF) Richard Ogier September 21, 2002.

DNSSEC allocations DNSEXT chairs IETF-75 Stockholm 2009/07/29.

WSON Optical Interface Class draft-martinelli-wson-interface-class-02 Giovanni MartinelliCisco Gabriele GalimbertiCisco Lyndon OngCiena Daniele CeccarelliEricsson.

Optical Interface Class draft-martinelli-wson-interface-class-03 Authors: Giovanni Martinelli (Cisco) Gabriele Galimberti (Cisco) Lyndon Ong (Ciena) Daniele.

IEEE MEDIA INDEPENDENT HANDOVER DCN: xx-ECDSA Title: Discussion on introducing ECDSA to d for group management Date Submitted: July.

Digital Signature Standard (DSS) US Govt approved signature scheme designed by NIST & NSA in early 90's published as FIPS-186 in 1991 revised in 1993,

DIGITAL SIGNATURE ALGORITHM. The National Institute of Standards and Technology (NIST) has published Federal Information Processing Standard FIPS 186,

2/19/2016clicktechsolution.com Security. 2/19/2016clicktechsolution.com Threats Threats to the security of itself –Loss of confidentiality.

Hashes Lesson Introduction ●The birthday paradox and length of hash ●Secure hash function ●HMAC.

Public Key Infrastructure Using X.509 (PKIX) Working Group March 20,

Slide 1 August 2005, Paris, FranceIETF DNSEXT 2929bis etc. Donald E. Eastlake 3 rd

ECC Design Team: Initial Report Brian Minard, Tolga Acar, Tim Polk November 8, 2006.

RSA Data Security, Inc. PKCS #13: Elliptic Curve Cryptography Standard Burt Kaliski RSA Laboratories PKCS Workshop October 7, 1998.

S/MIME Capabilities Certificate Extension Stefan Santesson Microsoft.

Slide 1 November 2005, Vancouver, BCIETF DNSEXT 2929bis etc. Donald E. Eastlake 3 rd

1 Randomized Hashing: Secure Digital Signatures without Collision Resistance Shai Halevi and Hugo Krawczyk IBM Research

SCVP 18 Tim Polk. Mea Culpa ● Draft -19 omits some promised changes from the March IETF meeting – Document management problems compounded by ID submission.

RSA Laboratories’ PKCS Series - a Tutorial

ASN.1: Cryptographic files

Authenticated Identity

November 14, 2016 Secure MAC algorithms for use with NTP draft-aanchal4-ntp-mac-03 CFRG: IETF97 Aanchal Malhotra Sharon Goldberg.

ASN.1: Introduction Zdeněk Říha.

Dan Brown, Certicom Research November 10, 2004

RSA Digital Signature Standards

IS-IS WG IS-IS Cryptographic Authentication Requirements

Usage of The RSVP Association Object draft-ietf-ccamp-assoc-ext-01

SNMP MIBs to manage G parameters

DNSSEC Operations in .gov

Introduction Used for communication to verify

Donald E. Eastlake 3rd TSIG SHA etc. Donald E. Eastlake 3rd March.

LTANS WG: ERS Status July 10, 2006 Tobias Gondrom.

ITU-T Recommendation G.722.1:

ICS 454 Principles of Cryptography

Resource Certificate Profile

ICS 454 Principles of Cryptography

Draft-lamps-cms-shakes-hash-00 (was draft-dang-lamps-cms-shakes-hash-00) Q. Dang, P. Kampanakis National Institute of Standards and Technology.

Resource Certificate Profile SIDR WG Meeting IETF 66, July 2006

4. Management Information Base

draft-ietf-dtn-bpsec-06

The Secure Hash Function (SHA)

Digital Signature Standard (DSS)

The devil is in the details

E. Bellagamba, Ericsson P. Sköldström, Acreo D. Ward, Juniper

Presentation transcript:

draft-ietf-lamps-pkix-shake-00 P. Kampanakis, Q. Dang Cisco Systems National Institute of Standards and Technology (NIST)

Adding SHAKE in PKIX Goal: Define the OIDs for PKIX so that SHAKEs can be used in X.509. For now we will focus DSA ECDSA RSA Draft is still in early stage.

SHAKEs’ OIDs SHA3 defines SHAKE128 and SHAK256 with output size d. collision and preimage resistance is min(d/2,128) and min(d,128) for SHAKE128 and min(d/2,256) and min(d,256) for SKAHE256. d = 256/512 bits for SHAKE128/256 in this specification. SHAKEs’ OIDs id-shake128 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 11 } id-shake256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 12

DSA [FIPS186-4] OIDs id-dsa-with-shake128 OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) country(16) us(840) organization(1) gov(101) csor(3) algorithms(4) id-dsa- with-shake(3) x } id-dsa-with-shake256 OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) country(16) us(840) organization(1) gov(101) csor(3) algorithms(4) id-dsa- with-shake(3) y "x" and "y" will be specified by NIST later. When OIDs used as an AlgorithmIdentifier, the encoding MUST omit the parameters field.

ECDSA [X9.62] OIDs id-ecdsa-with-shake128 OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) country(16) us(840) organization(1) gov(101) csor(3) algorithms(4) id- ecdsa-with-shake(3) x } id-ecdsa-with-shake256 OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) country(16) us(840) organization(1) gov(101) csor(3) algorithms(4) id- ecdsa-with-shake(3) y "x" and "y" will be specified by NIST later. When OIDs used as an AlgorithmIdentifier, the encoding MUST omit the parameters field.

Public Key identifiers Formats defined [RFC3279] and [RFC5480]

Questions/Comments ? What RSA standard(s) should we specify in the next version ? Comments/questions ?