| draft-ietf-lamps-cms-hash-sig-05.txt | draft-ietf-lamps-cms-hash-sig-06.txt | |||
|---|---|---|---|---|
| INTERNET-DRAFT R. Housley | INTERNET-DRAFT R. Housley | |||
| Internet Engineering Task Force (IETF) Vigil Security | Internet Engineering Task Force (IETF) Vigil Security | |||
| Intended Status: Proposed Standard | Intended Status: Proposed Standard | |||
| Expires: 22 August 2019 22 February 2019 | Expires: 26 August 2019 26 February 2019 | |||
| Use of the HSS/LMS Hash-based Signature Algorithm | Use of the HSS/LMS Hash-based Signature Algorithm | |||
| in the Cryptographic Message Syntax (CMS) | in the Cryptographic Message Syntax (CMS) | |||
| <draft-ietf-lamps-cms-hash-sig-05> | <draft-ietf-lamps-cms-hash-sig-06> | |||
| Abstract | Abstract | |||
| This document specifies the conventions for using the the HSS/LMS | This document specifies the conventions for using the the HSS/LMS | |||
| hash-based signature algorithm with the Cryptographic Message Syntax | hash-based signature algorithm with the Cryptographic Message Syntax | |||
| (CMS). In addition, the algorithm identifier and public key syntax | (CMS). In addition, the algorithm identifier and public key syntax | |||
| are provided. The HSS/LMS algorithm is one form of hash-based | are provided. The HSS/LMS algorithm is one form of hash-based | |||
| digital signature; it is described in [HASHSIG]. | digital signature; it is described in [HASHSIG]. | |||
| Status of this Memo | Status of this Memo | |||
| skipping to change at page 3, line 24 ¶ | skipping to change at page 3, line 24 ¶ | |||
| hash-based digital signature, and it is described in [HASHSIG]. The | hash-based digital signature, and it is described in [HASHSIG]. The | |||
| HSS/LMS signature algorithm can only be used for a fixed number of | HSS/LMS signature algorithm can only be used for a fixed number of | |||
| signing operations. The number of signing operations depends upon | signing operations. The number of signing operations depends upon | |||
| the size of the tree. The HSS/LMS signature algorithm uses small | the size of the tree. The HSS/LMS signature algorithm uses small | |||
| public keys, and it has low computational cost; however, the | public keys, and it has low computational cost; however, the | |||
| signatures are quite large. The HSS/LMS private key can be very | signatures are quite large. The HSS/LMS private key can be very | |||
| small when the signer is willing to perform additional computation at | small when the signer is willing to perform additional computation at | |||
| signing time; alternatively, the private key can consume additional | signing time; alternatively, the private key can consume additional | |||
| memory and provide a faster signing time. | memory and provide a faster signing time. | |||
| Well, yes, there is quite a range of possible time/memory trade-offs | ||||
| available when storing the private key; if you need to, the private | ||||
| key can be expressed in quite a small amount of space (albeit at the | ||||
| expense of making the signature generation operation expensive). | ||||
| 1.1. ASN.1 | 1.1. ASN.1 | |||
| CMS values are generated using ASN.1 [ASN1-B], using the Basic | CMS values are generated using ASN.1 [ASN1-B], using the Basic | |||
| Encoding Rules (BER) and the Distinguished Encoding Rules (DER) | Encoding Rules (BER) and the Distinguished Encoding Rules (DER) | |||
| [ASN1-E]. | [ASN1-E]. | |||
| 1.2. Terminology | 1.2. Terminology | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | |||
| End of changes. 3 change blocks. | ||||
| 7 lines changed or deleted | 2 lines changed or added | |||
This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||