Hi all RFC 4868 specifies some HMAC-SHA2 algorithms for IPsec: 12 AUTH_HMAC_SHA2_256_128 [RFC4868] 13 AUTH_HMAC_SHA2_384_192 [RFC4868] 14 AUTH_HMAC_SHA2_512_256 [RFC4868]
Last year some researchers working for Intel published this report: http://eprint.iacr.org/2010/548.pdf It shows that optimized implementation of SHA-512 on 64-bit processors out-perform SHA-256 implementations on the same processors. This would mean that AUTH_HMAC_SHA2_512_256 could be faster than AUTH_HMAC_SHA2_256_128 (on 64-bit Intel platforms if you have an optimized implementation) Now NIST has published this document update, that adds a new hash function: SHA-512/256. That's SHA-512 (with the IV changed) truncated to 256 bits. http://csrc.nist.gov/publications/drafts/fips180-4/Draft-FIPS180-4_Feb2011.pdf Is anyone interested in defining an AUTH_HMAC_SHA2_512_128, that would be either SHA-512 truncated to 128 bits, or SHA-512/256 truncated to 128 bits? _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
