[GNUnet-developers] HKDF usage in GNS block encryption

gnunet-developers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[GNUnet-developers] HKDF usage in GNS block encryption

From:	Bernd Fix
Subject:	[GNUnet-developers] HKDF usage in GNS block encryption
Date:	Mon, 16 Sep 2019 17:35:28 +0000
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.7.2

The function "derive_block_aes_key" in "gnsrecord_crypto.c" swaps the
arguments for "key" and "salt" in the calls of "hkdf" - is that intented?

If so, what is the rationale behind it? It is done correctly in the
derivation functions for keys, so I wonder... the entropy of the key
(~255) is much higher than that of the salt (~50 for a 12-letter label).
Does that have security implications?    >Y<

[Prev in Thread]

Current Thread

[Next in Thread]

[GNUnet-developers] HKDF usage in GNS block encryption, Bernd Fix <=
- Re: [GNUnet-developers] HKDF usage in GNS block encryption, Christian Grothoff, 2019/09/16
  - Re: [GNUnet-developers] HKDF usage in GNS block encryption, Schanzenbach, Martin, 2019/09/16
  - Re: [GNUnet-developers] HKDF usage in GNS block encryption, Bernd Fix, 2019/09/16

Prev by Date: Re: [GNUnet-developers] question about src/transport
Next by Date: Re: [GNUnet-developers] HKDF usage in GNS block encryption
Previous by thread: [GNUnet-developers] question about src/transport
Next by thread: Re: [GNUnet-developers] HKDF usage in GNS block encryption
Index(es):
- Date
- Thread