Daiki Ueno <u...@gnu.org> writes:
> I'm attaching a patch to update the documentation.
Thanks.
> -@subsubsection @acronym{SHAKE-256}
> +@subsubsection @acronym{SHAKE-128}
> @cindex SHAKE
I think heading should be just "shake".
> -In addition to those SHA-3 hash functions, Nettle also provides a SHA-3
> -extendable-output function (XOF), SHAKE-256. Unlike SHA-3 hash functions,
> -SHAKE can produce an output digest of any desired length.
> +In addition to those SHA-3 hash functions, Nettle also provides a
> +SHA-3 extendable-output function (XOF) called SHAKE. Unlike hash
> +functions, SHAKE can produce an output digest of any desired
> +length. There are two variants, SHAKE-128 and SHAKE-256, with
> +different security strengths in terms of collision or preimage
> +resistance.
> +
> +SHAKE-128 internally uses a SHA-3 hash function with 128-bit security
> +strength against second preimage attacks. The hash function is not
> +usable alone with Nettle, only for the use with SHAKE-128.
I think it would be good to write in the intro that shake-256
corresponds to sha3-256, while shake-128 uses sha3 with parameters
corresponding to 128-bit security, for which there's no corresponding
plain hash function defined.
It might also make sense to explain the difference between _shake and
_shake_output functions here, and make the description under each
function a bit shorter.
Regards,
/Niels
--
Niels Möller. PGP key CB4962D070D77D7FCB8BA36271D8F1FF368C6677.
Internet email is subject to wholesale government surveillance.
_______________________________________________
nettle-bugs mailing list -- nettle-bugs@lists.lysator.liu.se
To unsubscribe send an email to nettle-bugs-le...@lists.lysator.liu.se
