On Sat, Sep 20, 2014 at 06:53:06PM +0200, stef wrote: > On Sat, Sep 20, 2014 at 06:43:56PM +0200, CodesInChaos wrote: > > Why would you use scrypt for anything except strengthening low entropy > > secrets (like passwords)?
reason: i'm stupid, wasn't thinking, and had so far no such valuable feedback as ours. > > For high entropy secrets there are much simpler and cleaner > > alternatives, such as HKDF. > > excellent observation. with nacl would generic_hash(master_key, some_const, > key_size) > be sufficient as a kdf? thank you for this useful feedback! i removed scrypt and replaced it with above suggestion. updated on git. -- otr fp: https://www.ctrlc.hu/~stef/otr.txt
