linux-integrity.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: "Van Leeuwen, Pascal" <pvanleeuwen@rambus.com>
To: Ken Goldman <kgold@linux.ibm.com>
Cc: "linux-crypto@vger.kernel.org" <linux-crypto@vger.kernel.org>,
	"linux-integrity@vger.kernel.org"
	<linux-integrity@vger.kernel.org>,
	"linux-security-module@vger.kernel.org" 
	<linux-security-module@vger.kernel.org>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>
Subject: RE: [PATCH 1/2] crypto: sm3 - add a new alias name sm3-256
Date: Tue, 11 Feb 2020 07:56:04 +0000	[thread overview]
Message-ID: <SN4PR0401MB36637D914CAB78B2B104A73EC3180@SN4PR0401MB3663.namprd04.prod.outlook.com> (raw)
In-Reply-To: <3b21122352a44cb9a20030a32f07e38a@MN2PR20MB2973.namprd20.prod.outlook.com>

> -----Original Message-----
> From: linux-crypto-owner@vger.kernel.org <linux-crypto-owner@vger.kernel.org> On Behalf Of Ken Goldman
> Sent: Monday, February 10, 2020 7:03 PM
> Cc: linux-crypto@vger.kernel.org; linux-integrity@vger.kernel.org; linux-security-module@vger.kernel.org; linux-
> kernel@vger.kernel.org
> Subject: Re: [PATCH 1/2] crypto: sm3 - add a new alias name sm3-256
>
> <<< External Email >>>
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the
> sender/sender address and know the content is safe.
>
>
> On 2/10/2020 12:01 PM, Van Leeuwen, Pascal wrote:
> > Well, the current specification surely doesn't define anything else and is
> > already over a decade old. So what would be the odds that they add a
> > different blocksize variant_now_  AND still call that SM3-something?
>
> I just got a note from a cryptographer who said there were discussions
> last year about a future SM3 with 512 bit output.
>
> Given that, why not plan ahead and use sm3-256?  Is there any downside?
> Is the cost any more than 4 bytes in some source code?
>

It is actually exported as "sm3" by all implementations, it's just this one reference that was off.
So fixing that one reference is less effort than fixing all implementations.
I don't think anyone cares about the 4 bytes of source code ...

As for SM3-512: that would by silly, considering recent attacks found against similar
Merkle-Darmgard structures.  Then again, I'm not talking to Chinese cryptographers.
In any case, what would be the problem with having "sm3" and "sm3-512"?
Note that nobody in the world refers to the current SM3 as "SM3-256".

Regards,
Pascal van Leeuwen
Silicon IP Architect Multi-Protocol Engines, Rambus Security
Rambus ROTW Holding BV
+31-73 6581953

Note: The Inside Secure/Verimatrix Silicon IP team was recently acquired by Rambus.
Please be so kind to update your e-mail address book with my new e-mail address.


** This message and any attachments are for the sole use of the intended recipient(s). It may contain information that is confidential and privileged. If you are not the intended recipient of this message, you are prohibited from printing, copying, forwarding or saving it. Please delete the message and attachments and notify the sender immediately. **

Rambus Inc.<http://www.rambus.com>

  parent reply	other threads:[~2020-02-11  7:57 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-02-07  9:22 [PATCH] IMA hash algorithm supports sm3-256 Tianjia Zhang
2020-02-07  9:22 ` [PATCH 1/2] crypto: sm3 - add a new alias name sm3-256 Tianjia Zhang
2020-02-10  3:17   ` Eric Biggers
     [not found]     ` <b7ce247b-ede1-4b01-bb11-894c042679e1.tianjia.zhang@linux.alibaba.com>
2020-02-10 12:06       ` 回复:[PATCH " Tianjia Zhang
2020-02-10 16:30     ` [PATCH " Ken Goldman
2020-02-10 16:39       ` James Bottomley
     [not found]       ` <7a496bb15f264eab920bf081338d67af@MN2PR20MB2973.namprd20.prod.outlook.com>
2020-02-10 17:01         ` Van Leeuwen, Pascal
2020-02-10 17:39           ` Mimi Zohar
2020-02-10 18:02           ` Ken Goldman
2020-02-10 18:36             ` Eric Biggers
     [not found]           ` <3b21122352a44cb9a20030a32f07e38a@MN2PR20MB2973.namprd20.prod.outlook.com>
2020-02-11  7:56             ` Van Leeuwen, Pascal [this message]
2020-02-07  9:22 ` [PATCH 2/2] ima: add sm3-256 algorithm to hash algorithm configuration list Tianjia Zhang

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=SN4PR0401MB36637D914CAB78B2B104A73EC3180@SN4PR0401MB3663.namprd04.prod.outlook.com \
    --to=pvanleeuwen@rambus.com \
    --cc=kgold@linux.ibm.com \
    --cc=linux-crypto@vger.kernel.org \
    --cc=linux-integrity@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).