On 08 Dec 2014, at 04:30 , Alexander Shorin kxe...@gmail.com wrote:
On Mon, Dec 8, 2014 at 6:08 AM, Jason Winshell (Bear River)
jas...@bearriver.com wrote:
Thanks. That's exactly what I needed. The relevant government specification
is sp800-131A (section 8, 9 10). It looks like CouchDB's
I think it would be wise for a second set of eyeballs to go over the FIPs
document I cited to verify FIPs compliance before updating CouchDB
documentation. I've been working diligently for some time to get CouchDB
approved for specific federal government applications. Government agencies,
take
CouchDB implements PBDKF2 for admin password hashes. PBDKF2 can be implemented
using a variety of underlying hashing functions. sp800-131A (section 8, 10)
requires the use, after 2013, of HMAC's with The use of key lengths ≥ 112 bits
is acceptable. What HMACs, key lengths or other cryptographic
Hi Jason,
What HMACs, key lengths or other cryptographic functions are used in
CouchDB's implementation of PBDKF2?
SHA1 HMAC is been used with derived key length of 160 bits long, salt
- 128 bit, randomly generated.
And is the source code PBDKF2 implementation available.
Here is the Erlang
Thanks. That's exactly what I needed. The relevant government specification is
sp800-131A (section 8, 9 10). It looks like CouchDB's PBDK2 is FIPs compliant
because it meets the requirements of all these 3 sections -- together.
Section 8: HMAC key derivation functions are acceptable
Section 9:
On Mon, Dec 8, 2014 at 6:08 AM, Jason Winshell (Bear River)
jas...@bearriver.com wrote:
Thanks. That's exactly what I needed. The relevant government specification
is sp800-131A (section 8, 9 10). It looks like CouchDB's PBDK2 is FIPs
compliant because it meets the requirements of all these 3
