I think we need a table with the same platform as in Mike's table that started this discussion with KDFs that actually have implementations. Specification in RFCs or blessing by NIST does not count. Implementations rule.
Usage Param Name Param Val Description .NET Windows native OS X iOS Java JCA BouncyCastle Android PHP PHPSecLib Python M2Crypto PyCrypto Ruby OpenSSL node.js NSS JWE kdf CS256 Concat Key Derivation Function (KDF) NO Win7 NO NO NO NO NO NO NO NO NO NO NO JWE kdf CS384 Concat Key Derivation Function (KDF) NO Win7 NO NO NO NO NO NO NO NO NO NO NO JWE kdf CS512 Concat Key Derivation Function (KDF) NO Win7 NO NO NO NO NO NO NO NO NO NO NO Axel 2012/10/31 Wan-Teh Chang <[email protected]> > On Mon, Oct 29, 2012 at 4:23 PM, Ryan Sleevi <[email protected]> wrote: > > > > However, as an NSS developer, I do not see your presented argument as a > > reason not to use Concat-KDF, and Concat-KDF would be more preferable, > as a > > NIST-blessed KDF, since NSS cares especially for NIST-blessed algorithms. > > I think HKDF (hash-based key derivation function) is also worth > considering. > It is specified in RFC 5869 and is also blessed by NIST in SP 800-56C. > > Wan-Teh > _______________________________________________ > jose mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/jose >
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
