SecureD Futures (v2.0)
Adam Wilson
flyboynw at gmail.com
Mon May 28 06:22:02 UTC 2018
On 05/27/2018 08:52 PM, sarn wrote:
> On Monday, 28 May 2018 at 02:25:20 UTC, Adam Wilson wrote:
>> I like it. But it does require more space. We need three salts and
>> three lengths in the header. One for the PBKDF2 KDK, one for the MAC
>> key, and one for the encryption key.
>
> HKDF-Expand doesn't need a salt. You just need one salt to make the KDK
> (whether you use PBKDF2 or HKDF-Extract for that) and no extra salts for
> deriving the encryption and MAC key.
Strictly speaking, it's is Optional but Strongly Recommended per RFC5869-3.1
The use case here is that this data is going into storage and that
storage is cheap. We don't have to be strict on our byte budget. :)
https://tools.ietf.org/html/rfc5869
https://www.openssl.org/docs/man1.1.0/crypto/EVP_PKEY_CTX_set_hkdf_md.html
SecureD is supposed to be "Crypto done right." So I might as well do it
right and follow the RFC.
--
Adam Wilson
IRC: LightBender
import quiet.dlang.dev;
More information about the Digitalmars-d
mailing list