06-369r2 -- Security Association Model for SPC-4

Ralph Weber roweber at ieee.org
Mon Aug 28 12:22:11 PDT 2006



Bob,
The FIPS-180-2 with Change Notice 1 that I downloaded from the
specified URL defines SHA-1, SHA-224, SHA-256, SHA-384, and
SHA-512. Because of the way the change notice is applied, I
am inclined to believe the goal is that all SHA-x variants
will be defined in FIPS-180-x.
Certainly, the list in FIPS-180-2 would appear to keep SCSI
in SHA-x algorithms for many years to come.
For this reason, I would like to avoid having to specifically
define each SHA-x instance differently. If you have any specific
suggestions on how to otherwise improve the existing text,
please let me know about them or bring them to the CAP meeting.
Thanks,
.Ralph
Bob.Nixon at Emulex.Com wrote:
> Hi, Ralph, my concerns with this are two (and both very minor):
>
> First, SHA-256 is a proper name, while SHA, which is certainly
> well-defined, is a generic term.  Although the obvious similarity would
> likely lead from the proper to the generic, there is no statement that
> formally ties the proper to the generic (i.e., that says "SHA-256 is a Secure
> Hash Algorithm"). It is identified only as an Auxiliary function used with
> NIST SP 800-56A.
>
> Second is the implication that any Secure Hash Function used in SCSI shall
> be defined in FIPS-189-2. This may or may not have been your intent.
>
> I think for completeness, the reference in table x3 should simply be
> extended to "SHA-256 (see FIPS-189-2)".
>
>    - bob
>
> -----Original Message-----
> From: owner-t10 at t10.org [mailto:owner-t10 at t10.org]On Behalf Of Ralph
> Weber
> Sent: Saturday, August 26, 2006 7:23 PM
> To: t10 at t10.org
> Subject: Re: 06-369r2 -- Security Association Model for SPC-4
>
>
> * From the T10 Reflector (t10 at t10.org), posted by:
> * Ralph Weber <roweber at ieee.org>
> *
> Bob,
>
> I have addressed all of your comments except one in the
> draft r3. The one comment not addressed is:
>   
>> SHA-256 seems to be used normatively (tables 44 and x1), but is not 
>> defined anywhere in SPC-4. Is its relevance to SPC-4 fully defined 
>> and/or referenced in NIST SP 800-56A?
>>     
> I believe this issue is already addressed in r2 as follows.
>
> 1) The following is proposed for addition to the NIST Normative References.
>
> FIPS 180-2 with Change Notice 1 dated February 25, 2004, Secure Hash 
> Standard
>
> 2) The glossary entry for SHA clearly states that secure hash algorithms
> are specified in FIPS 180-2 ...
>
> All the best,
>
> .Ralph
>
>
> Bob.Nixon at Emulex.Com wrote:
>   
>> Hi, Ralph, here, for public review, is the Security Association nit 
>> list I transmitted privately, sanitized as you requested  ;-) 
>>
>> 3.1.s defines Security Hash Algorithm (SHA). 3.2 defines SHA as a 
>> Secure Hash Algorithm. I think "Secure" is correct.
>>
>> SHA-256 seems to be used normatively (tables 44 and x1), but is not 
>> defined anywhere in SPC-4. Is its relevance to SPC-4 fully defined 
>> and/or referenced in NIST SP 800-56A?
>>
>> In table x2, definition of DS_NONCE, 2nd line, 2nd "and" should be "an".
>>
>> Table x2 footnote d suggests nonces should be "at least" half the 
>> length of the key seed, suggesting that they might be longer than 
>> that. Although it isn't logically inconsistent, is there a reason to 
>> limit nonces to 32 bytes while key seeds can be up to 64 bytes?
>>
>> 5.13.3.3 item a: I'm not sure what an "SA lifetime value..." is. At 
>> first I thought it was an agreed timeout on an SA, but after more 
>> thought (and seeing no other reference to timeouts), I presume it 
>> means "value that is fixed for the lifetime of the SA..." Is that 
>> correct?
>>
>>     
>
> *
> * For T10 Reflector information, send a message with
> * 'info t10' (no quotes) in the message body to majordomo at t10.org