SHA3 2.0 specification

[Kritner]

• Testing SHA3 when not all messages lengths are supported #1003

[smuellerDD]

Am Dienstag, den 17.11.2020, 03:42 -0800 schrieb Russ Hammett: Hi Russ,

- #1003 You can view, comment on, or merge this pull request online at:   #1065 -- Commit Summary --   * SHA3 2.0 testing information -- File Changes --     M README.md (12)     M src/sha3/sections/03-supported.adoc (16)     M src/sha3/sections/05-capabilities.adoc (34)

In the example, should't there be a revision of 2.0 instead of 1.0?

-- Patch Links -- https://github.com/usnistgov/ACVP/pull/1065.patch https://github.com/usnistgov/ACVP/pull/1065.diff

Ciao Stephan

[Kritner]

ah yeah thanks

[smuellerDD]

Just a remark: I am registering my SHA-3 already the same way as SHA-2 that includes the message length without errors.

That said, I tried it again and got no errors either. Is the version 2.0 requirement already enforced? If not, what happens if I use 1.0 and send a message length for SHA-3?

[Kritner]

Properties that don't apply to a registration are simply ignored, so messageLen on a 1.0 registration just means "nothing" to the scope of testing or validation.

2.0 testing should be available on demo shortly but is not currently.

[smuellerDD]

Am Dienstag, den 17.11.2020, 05:50 -0800 schrieb Russ Hammett:

Properties that don't apply to a registration are simply ignored, so messageLen on a 1.0 registration just means "nothing" to the scope of testing or validation.

Ah, ok.

2.0 testing should be available on demo shortly but is not currently.

And just for the records: the version 2.0 only applies to SHA-3 but not to SHA1/2?! Thanks Stephan

[Kritner]

there was no change to the sha1/2 registration nor testing, so it is still revision 1.0. The 2.0 revision of testing for sha3 was simply to have a "more sha1/2 like registration feel", without breaking the existing sha3 1.0 registration properties.

EDIT: I should also note that both the "1.0" and "2.0" revisions of sha3 testing are going to continue to be "valid". The 2.0 registration was introduced for another reason of being able to support IUTs that don't support all message lengths that the 1.0 testing would test against. (Though the digest size and 3x the digest size are still required message lengths for the IUT to support due to MCT testing)