Adam, On Wed, Dec 28, 2011 at 5:51 PM, Adam Back <[email protected]> wrote: > As there are no NIST KAT / test vectors for the KDF defined in NIST SP 108, > I wonder if anyone is aware of any open source implementations of them to > use for cross testing?
I am not aware of any NIST test vectors, but ESAPI Java does have a FOSS implementation (under the new BSD license) at: <http://owasp-esapi-java.googlecode.com/svn/trunk/src/main/java/org/owasp/esapi/crypto/KeyDerivationFunction.java> that you could try comparing results to. It should be noted that we interpreted section 7.6 of NIST SP 800-108 to imply that the "context" should be _optional_ rather than required (it says "SHOULD" rather than "MUST"), so we set it to the empty string by default. In addition, Jeff Walton (CC'd) is working on a C++ port of the ESAPI Java crypto, so he may have a working C++ implementation that he can point you to. If you get different results than what ESAPI's KeyDerivationFunction produces or if you run across any NIST test vectors, I would appreciate it if you could let me know. Thanks, -kevin -- Blog: http://off-the-wall-security.blogspot.com/ "The most likely way for the world to be destroyed, most experts agree, is by accident. That's where we come in; we're computer professionals. We *cause* accidents." -- Nathaniel Borenstein _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
