[noise] Wrong arguments for KDF in PSK mode

Rhys Weatherley rhys.weatherley at gmail.com
Thu Apr 21 14:11:35 PDT 2016

On Fri, Apr 22, 2016 at 5:25 AM, Trevor Perrin <trevp at trevp.net> wrote:

> I'd also like to consider whether we should be more restrictive in
> what we allow as PSK inputs, so people don't misuse PSKs with
> low-entropy data, but I'll bring that up separately.

"PSK's should be pseudorandom data with at least 256 bits of entropy.  It
is not recommended for PSK's to be based on human-typed passwords.  But if
they are, then the password together with a salt should be preprocessed
with a KDF function like PBKDF2 or scrypt before using it as a PSK".


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/noise/attachments/20160422/a39e349c/attachment.html>

More information about the Noise mailing list