[noise] Analysis of Noise KDF
Jason A. Donenfeld
Jason at zx2c4.com
Fri Apr 29 13:47:27 PDT 2016
On Fri, Apr 29, 2016 at 2:29 AM, Trevor Perrin <trevp at trevp.net> wrote:
>
> Your proposal reduces the amount of hashing applied to inputs. So the
> current design has more security margin, if the hash turns out to be
> bad.
>
This isn't super compelling. It's like saying -- let's apply AES four
times, in case it turns out to be bad. The primitive designers have
hopefully already left a reasonable margin in case a few rounds are broken.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/noise/attachments/20160429/04e92b2e/attachment.html>
More information about the Noise
mailing list