论文信息 - US Secure Hash Algorithms (SHA and SHA-based HMAC and HKDF)

US Secure Hash Algorithms (SHA and SHA-based HMAC and HKDF)

This document replaces RFC 4634, fixing errata and adding code for an HMAC-based extract-and-expand key derivation function. The United States of America has adopted a suite of secure hash algorithms (SHAs), including four beyond SHA-1, as part of a Federal Information Processing Standard (FIPS), specifically SHA-224, SHA-256, SHA-384, and SHA-512. This document makes open source code performing the SHA hash functions conveniently available to the Internet community. The sample code supports input strings of arbitrary bit length. Much of the text herein was adapted by the authors from FIPS 180-2. As with RFC 4634, code to perform SHA based HMACs is included and, new in this version, code for HKDF (RFC 5869) is included.

Donald E. Eastlake | Tony Hansen | D. Eastlake | T. Hansen

[1] Donald E. Eastlake,et al. US Secure Hash Algorithms (SHA and HMAC-SHA) , 2006, RFC.

[2] Hugo Krawczyk,et al. HMAC-based Extract-and-Expand Key Derivation Function (HKDF) , 2010, RFC.

[3] E. L. Lohse,et al. Data communications control procedures for the USA standard code for information interchange , 1969, Commun. ACM.

[4] Donald E. Eastlake,et al. Randomness Requirements for Security , 2005, RFC.

[5] Russ Housley. A 224-bit One-way Hash Function: SHA-224 , 2004, RFC.

[6] Russ Housley,et al. Additional Algorithms and Identifiers for RSA Cryptography for use in the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile , 2005, RFC.

[7] Paul E. Hoffman,et al. Security Considerations for the SHA-0 and SHA-1 Message-Digest Algorithms , 2011, RFC.

[8] Donald E. Eastlake,et al. US Secure Hash Algorithm 1 (SHA1) , 2001, RFC.

[9] Hugo Krawczyk,et al. HMAC: Keyed-Hashing for Message Authentication , 1997, RFC.