[noise] Wrong arguments for KDF in PSK mode
Rhys Weatherley
rhys.weatherley at gmail.com
Thu Apr 21 14:11:35 PDT 2016
On Fri, Apr 22, 2016 at 5:25 AM, Trevor Perrin <trevp at trevp.net> wrote:
> I'd also like to consider whether we should be more restrictive in
> what we allow as PSK inputs, so people don't misuse PSKs with
> low-entropy data, but I'll bring that up separately.
>
"PSK's should be pseudorandom data with at least 256 bits of entropy. It
is not recommended for PSK's to be based on human-typed passwords. But if
they are, then the password together with a salt should be preprocessed
with a KDF function like PBKDF2 or scrypt before using it as a PSK".
Cheers,
Rhys.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/noise/attachments/20160422/a39e349c/attachment.html>
More information about the Noise
mailing list