[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [GNUnet-developers] HKDF usage in GNS block encryption
|
From: |
Schanzenbach, Martin |
|
Subject: |
Re: [GNUnet-developers] HKDF usage in GNS block encryption |
|
Date: |
Mon, 16 Sep 2019 20:33:28 +0200 |
Yeah, I also wondered when I wrote that in the spec...
> On 16. Sep 2019, at 20:02, Christian Grothoff <address@hidden> wrote:
>
> Signed PGP part
> It is not intended, but AFAIK also has no security implications.
> Nevertheless, we should probably plan to fix the swap when we next break
> compatibility.
>
> On 9/16/19 7:35 PM, Bernd Fix wrote:
>> The function "derive_block_aes_key" in "gnsrecord_crypto.c" swaps the
>> arguments for "key" and "salt" in the calls of "hkdf" - is that intented?
>>
>> If so, what is the rationale behind it? It is done correctly in the
>> derivation functions for keys, so I wonder... the entropy of the key
>> (~255) is much higher than that of the salt (~50 for a 12-letter label).
>> Does that have security implications? >Y<
>>
>> _______________________________________________
>> GNUnet-developers mailing list
>> address@hidden
>> https://lists.gnu.org/mailman/listinfo/gnunet-developers
>>
>
>
>
signature.asc
Description: Message signed with OpenPGP