Re: [GNUnet-developers] HKDF usage in GNS block encryption

gnunet-developers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [GNUnet-developers] HKDF usage in GNS block encryption

From:	Christian Grothoff
Subject:	Re: [GNUnet-developers] HKDF usage in GNS block encryption
Date:	Mon, 16 Sep 2019 20:02:33 +0200
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0

It is not intended, but AFAIK also has no security implications.
Nevertheless, we should probably plan to fix the swap when we next break
compatibility.

On 9/16/19 7:35 PM, Bernd Fix wrote:
> The function "derive_block_aes_key" in "gnsrecord_crypto.c" swaps the
> arguments for "key" and "salt" in the calls of "hkdf" - is that intented?
> 
> If so, what is the rationale behind it? It is done correctly in the
> derivation functions for keys, so I wonder... the entropy of the key
> (~255) is much higher than that of the salt (~50 for a 12-letter label).
> Does that have security implications?    >Y<
> 
> _______________________________________________
> GNUnet-developers mailing list
> address@hidden
> https://lists.gnu.org/mailman/listinfo/gnunet-developers
>

signature.asc
Description: OpenPGP digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

[GNUnet-developers] HKDF usage in GNS block encryption, Bernd Fix, 2019/09/16
- Re: [GNUnet-developers] HKDF usage in GNS block encryption, Christian Grothoff <=
  - Re: [GNUnet-developers] HKDF usage in GNS block encryption, Schanzenbach, Martin, 2019/09/16
  - Re: [GNUnet-developers] HKDF usage in GNS block encryption, Bernd Fix, 2019/09/16

Prev by Date: [GNUnet-developers] HKDF usage in GNS block encryption
Next by Date: Re: [GNUnet-developers] HKDF usage in GNS block encryption
Previous by thread: [GNUnet-developers] HKDF usage in GNS block encryption
Next by thread: Re: [GNUnet-developers] HKDF usage in GNS block encryption
Index(es):
- Date
- Thread