RFR: 8354305: SHAKE128 and SHAKE256 MessageDigest algorithms
Weijun Wang
weijun at openjdk.org
Thu Apr 24 15:42:41 UTC 2025
On Thu, 17 Apr 2025 17:17:15 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
> I will take a look~
Thanks.
I have 2 concerns on this feature:
1. These algorithms are mainly used in higher-level algorithms, mainly signature algorithms. They seem seldom used on their own. But again, even other SHA-3 algorithms are not used a lot.
2. SHAKE128 is both an XOF and a `MessageDigest` algorithm. Although it's well-known that when it is used as a `MessageDigest` algorithm the output size is 256 bits, people might still be confused or simply not aware of it. In this sense, the name might be better SHAKE128-256. Same for SHAKE256, which could be SHAKE256-512.
-------------
PR Comment: https://git.openjdk.org/jdk/pull/24576#issuecomment-2828084387