[noise] KDF, part 9281274
Jason A. Donenfeld
Jason at zx2c4.com
Fri Apr 22 08:18:31 PDT 2016
Hey Trevor,
I just wanted to have a final pass at this issue, in light of the
other thread on KDF argument order and your requirements for a
dual-PRF.
What precisely would be wrong about greatly simplifying and
speeding-up the whole thing by defining KDF either as:
output = BLAKE2b-PRF(key, input)
return (output[0:31], output[32:63])
or
output = HMAC-SHA2-512(key, input)
return (output[0:31], output[32:63])
With the choice of which one of these two to use being specified in
the cipher suites. These are both solid in the ROM.
What precisely prevents you from using these?
Regards,
Jason
More information about the Noise
mailing list