[tahoe-dev] proposal for the Key-Derivation Function for the next generation of caps
Zooko Wilcox-O'Hearn
zooko at zooko.com
Tue Aug 11 08:21:08 PDT 2009
Folks:
I finally finished reading this long and technical paper by Hugo
Krawczyk about Key-Derivation Functions:
http://zooko.com/klog
I intend to ask cryptographers if they agree that HKDF is a nice
strong, efficient way to do it and a good candidate for a future
standard. Unless someone raises some major issue against it, let's
settle on using HKDF (with extraction step using SHA-2-512 truncated
to 256 bits and expand step using SHA-2-256) for key-derivation
functions in future versions of Tahoe-LAFS.
Also, my klog today mentions some new research papers which might
help formalize "semi-private keys". I haven't read them yet. I only
get a few minutes to read each day on the bus to and from work. :-)
Regards,
Zooko
More information about the tahoe-dev
mailing list