draft-ietf-lamps-cms-hash-sig-05.txt   draft-ietf-lamps-cms-hash-sig-06.txt 
INTERNET-DRAFT R. Housley INTERNET-DRAFT R. Housley
Internet Engineering Task Force (IETF) Vigil Security Internet Engineering Task Force (IETF) Vigil Security
Intended Status: Proposed Standard Intended Status: Proposed Standard
Expires: 22 August 2019 22 February 2019 Expires: 26 August 2019 26 February 2019
Use of the HSS/LMS Hash-based Signature Algorithm Use of the HSS/LMS Hash-based Signature Algorithm
in the Cryptographic Message Syntax (CMS) in the Cryptographic Message Syntax (CMS)
<draft-ietf-lamps-cms-hash-sig-05> <draft-ietf-lamps-cms-hash-sig-06>
Abstract Abstract
This document specifies the conventions for using the the HSS/LMS This document specifies the conventions for using the the HSS/LMS
hash-based signature algorithm with the Cryptographic Message Syntax hash-based signature algorithm with the Cryptographic Message Syntax
(CMS). In addition, the algorithm identifier and public key syntax (CMS). In addition, the algorithm identifier and public key syntax
are provided. The HSS/LMS algorithm is one form of hash-based are provided. The HSS/LMS algorithm is one form of hash-based
digital signature; it is described in [HASHSIG]. digital signature; it is described in [HASHSIG].
Status of this Memo Status of this Memo
skipping to change at page 3, line 24 skipping to change at page 3, line 24
hash-based digital signature, and it is described in [HASHSIG]. The hash-based digital signature, and it is described in [HASHSIG]. The
HSS/LMS signature algorithm can only be used for a fixed number of HSS/LMS signature algorithm can only be used for a fixed number of
signing operations. The number of signing operations depends upon signing operations. The number of signing operations depends upon
the size of the tree. The HSS/LMS signature algorithm uses small the size of the tree. The HSS/LMS signature algorithm uses small
public keys, and it has low computational cost; however, the public keys, and it has low computational cost; however, the
signatures are quite large. The HSS/LMS private key can be very signatures are quite large. The HSS/LMS private key can be very
small when the signer is willing to perform additional computation at small when the signer is willing to perform additional computation at
signing time; alternatively, the private key can consume additional signing time; alternatively, the private key can consume additional
memory and provide a faster signing time. memory and provide a faster signing time.
Well, yes, there is quite a range of possible time/memory trade-offs
available when storing the private key; if you need to, the private
key can be expressed in quite a small amount of space (albeit at the
expense of making the signature generation operation expensive).
1.1. ASN.1 1.1. ASN.1
CMS values are generated using ASN.1 [ASN1-B], using the Basic CMS values are generated using ASN.1 [ASN1-B], using the Basic
Encoding Rules (BER) and the Distinguished Encoding Rules (DER) Encoding Rules (BER) and the Distinguished Encoding Rules (DER)
[ASN1-E]. [ASN1-E].
1.2. Terminology 1.2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
 End of changes. 3 change blocks. 
7 lines changed or deleted 2 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/