Filippo Valsorda :go: on Nostr: Is HKDF FIPS compliant? Yes, in more ways than one. It's approved for key-agreement ...
Is HKDF FIPS compliant? Yes, in more ways than one.
It's approved for key-agreement as SP 800-56C Rev. 2 and for general-purpose use per SP 800-133 Rev. 2 (Section 6.3 Option #3) and SP 800-108.
I didn't really believe it, so I went and tested x/crypto/hkdf against SP 800-108 ACVP vectors.
This took the better part of two days to chase down. I have made some life choices.
(And yes, those are Blahaj, what's your question?)
https://words.filippo.io/dispatches/fips-hkdf/?source=Mastodon
It's approved for key-agreement as SP 800-56C Rev. 2 and for general-purpose use per SP 800-133 Rev. 2 (Section 6.3 Option #3) and SP 800-108.
I didn't really believe it, so I went and tested x/crypto/hkdf against SP 800-108 ACVP vectors.
This took the better part of two days to chase down. I have made some life choices.
(And yes, those are Blahaj, what's your question?)
https://words.filippo.io/dispatches/fips-hkdf/?source=Mastodon