Crypto checksum generation

This section describes the algorithm used to generate a crypto checksum using a Key Derivation Function ([SP800-108]). The algorithm accepts the following inputs:

  • Key: An array of bytes.

  • Label: An array of bytes.

  • Context: An array of bytes.

  • Message: An array of bytes.

The checksum generation algorithm is defined as follows:

 K = KDF(Key, Label, Context)
 CryptoChecksum = HMACSHA512(K, Message)


  • KDF is an execution of the algorithm specified in [SP800-108] section 5.1.

  • Key, Label, and Context are inputs to the checksum algorithm as specified previously; Key corresponds to the parameter KI in [SP800-108] section 5.1; Label and Context correspond to the parameters by the same names in [SP800-108] section 5.1.

  • Message is an input to the checksum algorithm as specified previously.

  • HMACSHA512 is an invocation of the Hash-based Message Authentication Mode (HMAC) function with hash function SHA512 (defined in [FIPS180-3]).

The resulting 512-bit CryptoChecksum value is returned to the caller upon completion.