Potential IDPrism problem

Taral taralx at gmail.com
Thu Jun 30 10:22:30 PDT 2005

On 6/30/05, Paul Crowley <paul at ciphergoth.org> wrote:
> Taral wrote:
> > I just noticed... mac_key is 64 bytes long, but SHA1 only outputs 20
> > bytes. How is that XOR supposed to work?
> mac_key should be 20 bytes long where DH-SHA1 is used.

So we drop the HMAC security to 160 bits instead of 512? Doesn't seem
reasonable -- we could extract more than that from the DH parameters.

Taral <taralx at gmail.com>

More information about the yadis mailing list