Re: SHA-2 based HMAC algorithm...

["Mark D. Baushke" <mdb%juniper.net@localhost>]

Hi Joseph,

Joseph Galbraith <galb-list%vandyke.com@localhost> writes:

> Is there a SHA-2 based HMAC algorithm specified in any of
> the recent extension RFCs?

Given you are asking in ietf-ssh, I suppose you are interested in just
the secure shell protocol? If so, the place to look toward the IANA
assigned names for the SSHv2 protocol at the
http://www.iana.org/assignments/ssh-parameters URL.

> I looked but didn't see one.

I concur, there is nothing regarding the use of HMAC-SHA-2* algorithms
with the secure shell protocol currently listed published in an RFC.

If you are interested in SHA-2 based HMAC algorithms listed in the RFCs
in general, then there are some recent works which have such references:

RFC 5709 (OSPFv2 HMAC-SHA Cryptographic Authentication) which references
         HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512 and has a MUST for
         HMAC-SHA-256 support.

RFC 4868 (Using HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512 with IPsec)
         which talks about using them as PRFs for IKE and IKEv2.

> Has anyone implement such a thing as a @domain.name extension?

For the secure shell protocol, I have seen these macs:

  hmac-sha256-2%ssh.com@localhost
  hmac-sha512%ssh.com@localhost
  hmac-sha384%ssh.com@localhost
  hmac-sha224%ssh.com@localhost
  hmac-sha256%ssh.com@localhost
  hmac-sha256-96%ssh.com@localhost

being negotiated, but there may be other folks who are adding their own
extension too.

        -- Mark