Jonas Schnelli [ARCHIVE] on Nostr: 📅 Original date posted:2016-06-29 📝 Original message:> Based on previous crypto ...
📅 Original date posted:2016-06-29
📝 Original message:> Based on previous crypto analysis result, the actual security of SHA512
> is not significantly higher than SHA256.
> maybe we should consider SHA3?
As far as I know the security of the symmetric cipher key mainly depends
on the PRNG and the ECDH scheme.
The HMAC_SHA512 will be used to "drive" keys from the ECDH shared secret.
HMAC_SHA256 would be sufficient but I have specified SHA512 to allow to
directly derive 512bits which allows to have two 256bit keys with one
HMAC operation (same pattern is used in BIP for the key/chaincode
derivation).
Keccak would be an alternative but we probably don't want to introduce
another new hash type just for the encryption.
</jonas>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20160629/3c5c25c5/attachment.sig>;
📝 Original message:> Based on previous crypto analysis result, the actual security of SHA512
> is not significantly higher than SHA256.
> maybe we should consider SHA3?
As far as I know the security of the symmetric cipher key mainly depends
on the PRNG and the ECDH scheme.
The HMAC_SHA512 will be used to "drive" keys from the ECDH shared secret.
HMAC_SHA256 would be sufficient but I have specified SHA512 to allow to
directly derive 512bits which allows to have two 256bit keys with one
HMAC operation (same pattern is used in BIP for the key/chaincode
derivation).
Keccak would be an alternative but we probably don't want to introduce
another new hash type just for the encryption.
</jonas>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20160629/3c5c25c5/attachment.sig>;