From 96277a1a1490d89f79744d489c1ca700538497c2 Mon Sep 17 00:00:00 2001 From: Daira Hopwood Date: Fri, 17 Sep 2021 15:30:56 +0100 Subject: [PATCH] ZIP 316: Expand "Message Authentication Code", and a wording improvement. Signed-off-by: Daira Hopwood --- zip-0316.rst | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/zip-0316.rst b/zip-0316.rst index df6cca0c..4512ec6c 100644 --- a/zip-0316.rst +++ b/zip-0316.rst @@ -714,15 +714,15 @@ require roughly :math:`\ell_M` bytes plus the size of a BLAKE2b hash state. However, it is possible to reduce this by streaming the :math:`d` part of the jumbled encoding three times from a less memory-constrained device. It is essential that the streamed value of :math:`d` is the same on each pass, -which can be verified using a MAC (with key held only by the Consumer) or -collision-resistant hash function. After the first pass of :math:`d`, the -implementation is able to compute :math:`y;` after the second pass it is -able to compute :math:`a;` and the third allows it to compute and -incrementally parse :math:`b.` The maximum memory usage during this process -would be 128 bytes plus two BLAKE2b hash states. +which can be verified using a Message Authentication Code (with key held +only by the Consumer) or collision-resistant hash function. After the first +pass of :math:`d`, the implementation is able to compute :math:`y;` after +the second pass it is able to compute :math:`a;` and the third allows it to +compute and incrementally parse :math:`b.` The maximum memory usage during +this process would be 128 bytes plus two BLAKE2b hash states. Since this streaming implementation of :math:`\mathsf{F4Jumble}^{-1}` is -quite complicated, we do not require all Consumers to support it. If a +quite complicated, we do not require all Consumers to support streaming. If a Consumer implementation cannot support UAs / UVKs up to the maximum length, it MUST nevertheless support UAs / UVKs with :math:`\ell_M` of at least :math:`256` bytes. Note that this effectively defines two conformance levels