Page 6 of the illustrated primer is better than any ASCII RFC chart I've ever seen.
http://www.slideshare.net/ChristineCorbettMora/axolotl-protocol-an-illustrated-primer On Sat, Sep 20, 2014 at 1:14 PM, stef <[email protected]> wrote: > On Sat, Sep 20, 2014 at 06:53:06PM +0200, stef wrote: > > On Sat, Sep 20, 2014 at 06:43:56PM +0200, CodesInChaos wrote: > > > Why would you use scrypt for anything except strengthening low entropy > > > secrets (like passwords)? > > reason: i'm stupid, wasn't thinking, and had so far no such valuable > feedback > as ours. > > > > For high entropy secrets there are much simpler and cleaner > > > alternatives, such as HKDF. > > > > excellent observation. with nacl would generic_hash(master_key, > some_const, key_size) > > be sufficient as a kdf? > > thank you for this useful feedback! i removed scrypt and replaced it with > above suggestion. updated on git. > > -- > otr fp: https://www.ctrlc.hu/~stef/otr.txt > -- Twitter <https://twitter.com/tbiehn> | LinkedIn <http://www.linkedin.com/in/travisbiehn> | GitHub <http://github.com/tbiehn> | TravisBiehn.com <http://www.travisbiehn.com> | Google Plus <https://plus.google.com/+TravisBiehn>
