'tsig-keygen' vs 'dnssec-keygen' - keysize

Evan Hunt each at isc.org
Thu Sep 6 06:34:42 UTC 2018

On Thu, Sep 06, 2018 at 04:28:23AM +0000, Browne, Stuart via bind-users wrote:
> Ok, then here goes me in my not-really-understanding HMAC properly.
> When using 'dnssec-keygen -a hmac-md5 -b 512 -n HOST some-name' (512
> being the max keysize listed in 'dnssec-keygen -h'), we end up with an 88
> byte string of secret data.
> When using 'tsig-keygen -a hmac-md5 some-name', we end up with a 24-byte
> string of secret data.
> Is there no cryptographic difference between the short/long output?

As I understand it (though I haven't studied this in a while and may be
fuzzy), the HMAC algorithm shortens keys that are longer than the block
size before it uses them, so it's true, long keys aren't necessary or
particularly helpful.

> Incidentally using bind-9.11 I was unable to use the truncation method
> you mentioned below (not that I really want to). Is it a 9.12 onwards
> thing?

No, but Mark's comment may have been confusing.  You can set up keys
that way in named.conf ("algorithm hmac-md5-96;" or whatever). At first
I thought he was talking about tsig-keygen; perhaps you read it the same
way I did?

Evan Hunt -- each at isc.org
Internet Systems Consortium, Inc.
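The key-handling behaviour Evan describes (RFC 2104: HMAC hashes a key longer than the hash's block size down to a digest before use) and the "hmac-md5-96" truncation from named.conf, shown with Python's standard hmac module. This is an added illustration, not code from the thread or from ISC; the base64 secrets below are constructed to match the 88- and 24-character lengths Stuart observed, not output of dnssec-keygen or tsig-keygen.

```python
import base64
import hashlib
import hmac

# HMAC-MD5 operates on 64-byte (512-bit) blocks. A key longer than the
# block is replaced by its 16-byte MD5 digest before the HMAC runs (RFC 2104).
BLOCK_SIZE = 64

# Constructed secrets: 64 decoded bytes -> 88 base64 chars (the -b 512 case),
# 16 decoded bytes -> 24 base64 chars (the tsig-keygen default case).
SECRET_512 = base64.b64encode(bytes(range(64))).decode()
SECRET_128 = base64.b64encode(bytes(range(16))).decode()


def secret_bytes(b64_secret: str) -> bytes:
    """Decode a TSIG 'secret' value from named.conf (base64) to raw bytes."""
    return base64.b64decode(b64_secret)


def key_actually_used(key: bytes) -> bytes:
    """Key material HMAC mixes into the pads: the key itself if it fits
    a block, otherwise its MD5 digest (16 bytes)."""
    return hashlib.md5(key).digest() if len(key) > BLOCK_SIZE else key


def hmac_md5(key: bytes, message: bytes, truncate_bits: int = 128) -> bytes:
    """HMAC-MD5 over message. truncate_bits=96 mirrors 'algorithm hmac-md5-96;',
    which keeps only the leading 12 bytes of the 16-byte MAC."""
    mac = hmac.new(key, message, hashlib.md5).digest()
    return mac[: truncate_bits // 8]


def same_mac_as_hashed_key(key: bytes, message: bytes) -> bool:
    """True when HMAC(key) equals HMAC(MD5(key)); this holds exactly when
    the key exceeds the block size, i.e. the extra length buys nothing."""
    return hmac.compare_digest(
        hmac_md5(key, message), hmac_md5(hashlib.md5(key).digest(), message)
    )


if __name__ == "__main__":
    msg = b"constructed TSIG-signed message"
    for name, b64 in (("512-bit", SECRET_512), ("128-bit", SECRET_128)):
        raw = secret_bytes(b64)
        print(f"{name}: {len(b64)} base64 chars -> {len(raw)} bytes, "
              f"hashed before use: {len(raw) > BLOCK_SIZE}")
    # A 65-byte key is over the block and collapses to its 16-byte digest.
    print("over-block key equivalent to its digest:",
          same_mac_as_hashed_key(bytes(65), msg))
    print("hmac-md5-96 MAC length:", len(hmac_md5(secret_bytes(SECRET_512), msg, 96)))
```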