That's a lot of questions but I will answer some of them. Gil wrote on 09/16/2021 03:52:06 PM:
> What does a "HASH" have to do with a "seed"? Isn't a hash algorithm > such as SHA-1 deterministic, repeatable, so that (e.g.) CSNBOWH will > produce the same result for a given message every time? (I verified > the availability of CSNBOWH by passing it "Hello, World!' and > verifying the output.) In this case, the term seed was being misused. When you generate an HMAC, the key is part of the operation. Effectively, it "seeds" the operation, so the same message would result in two different HMAC values with different keys. The same kind of effect from hashing two strings with different prefixes prepended. > Does ICSF's random number generator support seeding? No. We prefer to get our random bytes from the CCA coprocesor ( https://csrc.nist.gov/projects/Cryptographic-Algorithm-Validation-Program/details?source=DRBG&number=2130 ) If that is not available, we will exploit the PRNO-TRNG (MSA Extension 7 on z14) with the PRNO-SHA-512-DRNG as a hybrid DRNG. > And the suggestion of translating the message to hex and hashing the > hex stream can fail depending on whether the hex is represented in > ASCII or EBCDIC. The message being hashed is a binary stream and technically has no encoding whatsoever. The only requirement is that the message being hashed (or HMACed) is unchanged (binary) between operations. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
