lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:	Thu, 22 May 2014 18:10:36 +0300
From:	Horia Geanta <>
To:	Steffen Klassert <>,
	Herbert Xu <>,
	"David S. Miller" <>
CC:	Lei Xu <>,
	Sandeep Malik <>,
	<>, <>
Subject: [RFC ipsec-next] Non-standard sha256 ICV truncation size


I am sending this patch as RFC, since the change is likely to create
interoperability issues.
I'd like to get some comments on what should be the correct approach in this
standard vs. de facto setup.

Note that an older commit (which is no longer in git's history, but can be found
here changed truncated ICV size
from 128bit to 96bit:

commit 627d1054055f465603bcfb7ef5c9adc5db9b2a53
Author: Michal Ludvig <>
Date:   Fri Jan 9 04:55:59 2004 -0800

    [XFRM]: SHA2-256 should be truncated to 96 bits, not 128.

It seems that initially the sha256 ICV was truncated to 128 bits, but later
changed to 96 bits due to interoperability issues - see comment here:

Note that commit above is from 2004, long before RFC4868 was released (2007).


Lei Xu (1):
  xfrm: make sha256 icv truncation length RFC-compliant

 net/xfrm/xfrm_algo.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
More majordomo info at
Please read the FAQ at

Powered by blists - more mailing lists