[noise] hkdf branch with arbitrary-length keyed hashing functions
Jason A. Donenfeld
Jason at zx2c4.com
Mon Oct 12 14:57:31 PDT 2015
On Mon, Oct 12, 2015 at 8:17 PM, Jason A. Donenfeld <Jason at zx2c4.com> wrote:
> Any objections or security considerations with regards to this?
*If* this turns out to be safe, we've also won a huge performance
speedup, making this variant of the hkdf branch actually faster than,
rather than slower than, the n0 branch.
For each MixKey():
- n0: 1 or 0 encryption + 2 hash
- hkdf: 6 hash
- blake2b-kdf: 1 hash
Success.
Now it's that *if* there I'm anxious to hear about.
More information about the Noise
mailing list