SecureD Futures (v2.0)
sarn
sarn at theartofmachinery.com
Mon May 28 07:14:46 UTC 2018
On Monday, 28 May 2018 at 06:22:02 UTC, Adam Wilson wrote:
> On 05/27/2018 08:52 PM, sarn wrote:
>> On Monday, 28 May 2018 at 02:25:20 UTC, Adam Wilson wrote:
>>> I like it. But it does require more space. We need three
>>> salts and three lengths in the header. One for the PBKDF2
>>> KDK, one for the MAC key, and one for the encryption key.
>>
>> HKDF-Expand doesn't need a salt. You just need one salt to
>> make the KDK (whether you use PBKDF2 or HKDF-Extract for that)
>> and no extra salts for deriving the encryption and MAC key.
>
> Strictly speaking, it's is Optional but Strongly Recommended
> per RFC5869-3.1
There's HKDF-Expand and there's HKDF-Extract. HKDF-Extract takes
an optional salt and HKDF-Expand doesn't use a salt at all (take
a closer look at that RFC). That OpenSSL routine is the
combination of the two, so that's why it takes the salt.
More information about the Digitalmars-d
mailing list