gnunet-developers
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[GNUnet-developers] HKDF usage in GNS block encryption


From: Bernd Fix
Subject: [GNUnet-developers] HKDF usage in GNS block encryption
Date: Mon, 16 Sep 2019 17:35:28 +0000
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.7.2

The function "derive_block_aes_key" in "gnsrecord_crypto.c" swaps the
arguments for "key" and "salt" in the calls of "hkdf" - is that intented?

If so, what is the rationale behind it? It is done correctly in the
derivation functions for keys, so I wonder... the entropy of the key
(~255) is much higher than that of the salt (~50 for a 12-letter label).
Does that have security implications?    >Y<



reply via email to

[Prev in Thread] Current Thread [Next in Thread]