Re: [PATCH 1/2] crypto: sm3 - add a new alias name sm3-256 | linux-security-module

Re: [PATCH 1/2] crypto: sm3 - add a new alias name sm3-256

From: James Bottomley <James.Bottomley@HansenPartnership.com>
Date: 2020-02-10 16:39:42
Also in: linux-crypto, linux-integrity, lkml

On Mon, 2020-02-10 at 11:30 -0500, Ken Goldman wrote:

On 2/9/2020 10:17 PM, Eric Biggers wrote:

quoted

According to https://tools.ietf.org/id/draft-oscca-cfrg-sm3-01.html
,
SM3 always produces a 256-bit hash value.  E.g., it says:

	"SM3 produces an output hash value of 256 bits long"

and

	"SM3 is a hash function that generates a 256-bit hash value."

I don't see any mention of "SM3-256".

So why not just keep it as "sm3" and change hash_info.c instead?
Since the name there is currently wrong, no one can be using it
yet.

Question:  Is 256 bits fundamental to SM3?

No.

  Could there ever be a 
variant in the future that's e.g., 512 bits?

Yes, SM3 like SHA-3 is based on a 512  bit input blocks.  However,
what's left of the standard:

https://www.ietf.org/archive/id/draft-sca-cfrg-sm3-02.txt

Currently only defines a 256 output (via compression from the final 512
bit output).  In theory, like SHA-3, SM3 could support 384 and 512
output variants.  However, there's no evidence anyone is working on
adding this.

James

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help