KDFs (Key Derivation Functions) are used to stretch user-supplied
key material to specific size(s) required by high level cryptographic
primitives. Described in the UMAC
paper, this function basically operates an underlying symmetric key block
cipher instance in output feedback mode (OFB), as a strong
pseudo-random number generator.
UMacGenerator
requires an index parameter
(initialisation parameter gnu.crypto.prng.umac.kdf.index
taken
to be an instance of
java.lang.Integer with a value between
0
and 255
). Using the same key, but different
indices, generates different pseudorandom outputs.
This implementation generalises the definition of the
UmacGenerator
algorithm to allow for other than the AES symetric
key block cipher algorithm (initialisation parameter
gnu.crypto.prng.umac.cipher.name
taken to be an instance of
java.lang.String). If such a parameter is not defined/included in the
initialisation Map
, then the "Rijndael" algorithm is used.
Furthermore, if the initialisation parameter
gnu.crypto.cipher.block.size
(taken to be a instance of
java.lang.Integer) is missing or undefined in the initialisation Map
, then the cipher's default block size is used.
NOTE: Rijndael is used as the default symmetric key block cipher
algorithm because, with its default block and key sizes, it is the AES. Yet
being Rijndael, the algorithm offers more versatile block and key sizes which
may prove to be useful for generating "longer" key streams.
References:
-
UMAC: Message Authentication Code using Universal Hashing.
T. Krovetz, J. Black, S. Halevi, A. Hevia, H. Krawczyk, and P. Rogaway.