Experiment: Hash Functions with Parameters in the Cryptographic Message Syntax (CMS) and S/MIME
RFC 6210

Document type: RFC - Experimental (April 2011; Errata)
Was: draft-schaad-smime-hash-experiment (individual in gen area)
Last updated: 2014-01-14
Stream: IETF
WG state: (None)
Consensus: Unknown
Document shepherd: No shepherd assigned
IESG state: RFC 6210 (Experimental)
Responsible AD: spt
Send notices to: ietf@augustcellars.com, draft-schaad-smime-hash-experiment@ietf.org
Internet Engineering Task Force (IETF)                         J. Schaad
Request for Comments: 6210                       Soaring Hawk Consulting
Category: Experimental                                        April 2011
ISSN: 2070-1721

               Experiment: Hash Functions with Parameters
          in the Cryptographic Message Syntax (CMS) and S/MIME

Abstract

   New hash algorithms are being developed that may include parameters.
   Cryptographic Message Syntax (CMS) has not currently defined any hash
   algorithms with parameters, but anecdotal evidence suggests that
   defining one could cause major problems.  This document defines just
   such an algorithm and describes how to use it so that experiments can
   be run to find out how bad including hash parameters will be.

Status of This Memo

   This document is not an Internet Standards Track specification; it is
   published for examination, experimental implementation, and
   evaluation.

   This document defines an Experimental Protocol for the Internet
   community.  This document is a product of the Internet Engineering
   Task Force (IETF).  It represents the consensus of the IETF
   community.  It has received public review and has been approved for
   publication by the Internet Engineering Steering Group (IESG).  Not
   all documents approved by the IESG are a candidate for any level of
   Internet Standard; see Section 2 of RFC 5741.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   http://www.rfc-editor.org/info/rfc6210.

Schaad                        Experimental                      [Page 1]
RFC 6210                 CMS Parameterized Hash               April 2011

Copyright Notice

   Copyright (c) 2011 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  3
     1.1.  Notation . . . . . . . . . . . . . . . . . . . . . . . . .  5
   2.  XOR-MD5 Digest Algorithm . . . . . . . . . . . . . . . . . . .  5
   3.  ASN.1 Encoding . . . . . . . . . . . . . . . . . . . . . . . .  6
   4.  CMS ASN.1 Handling . . . . . . . . . . . . . . . . . . . . . .  6
   5.  MIME Handling  . . . . . . . . . . . . . . . . . . . . . . . .  6
   6.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . .  7
   7.  Security Considerations  . . . . . . . . . . . . . . . . . . .  7
   8.  References . . . . . . . . . . . . . . . . . . . . . . . . . .  7
     8.1.  Normative References . . . . . . . . . . . . . . . . . . .  7
     8.2.  Informative References . . . . . . . . . . . . . . . . . .  8
   Appendix A.  Examples  . . . . . . . . . . . . . . . . . . . . . .  9
     A.1.  Encapsulated Signed Data Example . . . . . . . . . . . . .  9
     A.2.  Multipart Signed Message . . . . . . . . . . . . . . . . . 10
     A.3.  Authenticated Data Example . . . . . . . . . . . . . . . . 12
   Appendix B.  2008 ASN.1 Module . . . . . . . . . . . . . . . . . . 13

1.  Introduction

   At the present time, all hash algorithms that are used in
   Cryptographic Message Syntax (CMS) implementations are defined as
   having no parameters.  Anecdotal evidence suggests that if a hash
   algorithm is defined that does require the presence of parameters,
   there may be extensive problems.  This document presents the details
   needed to run an experiment so that the community can find out just
   how bad the situation really is and, if needed, either make drastic
   changes in implementations or make sure that any hash algorithms
   chosen do not have parameters.

   In CMS data structures, hash algorithms currently exist in the
   following locations:

   o  SignerInfo.digestAlgorithm - holds the digest algorithm used to
      compute the hash value over the content.

   o  DigestedData.digestAlgorithm - holds the digest algorithm used to
      compute the hash value over the content.

   o  AuthenticatedData.digestAlgorithm - holds the digest algorithm