> On Wed, Jun 29, 2016 at 08:34:06PM +0200, Jonas Schnelli via bitcoin-dev
> wrote:
>>> Based on previous crypto analysis result, the actual security of SHA512
>>> is not significantly higher than SHA256.
>>> maybe we should consider SHA3?
>>
>> As far as I know the security of the symmetric ciphe
On Wed, Jun 29, 2016 at 08:34:06PM +0200, Jonas Schnelli via bitcoin-dev wrote:
> > Based on previous crypto analysis result, the actual security of SHA512
> > is not significantly higher than SHA256.
> > maybe we should consider SHA3?
>
> As far as I know the security of the symmetric cipher key
Hi Ethan
>> It is important to include the cipher-type into the symmetric cipher key to
>> avoid weak-cipher-attacks.
>
> the cipher-type here refers to the ECDH negotiation parameters?
No. Not to the ECDH negotiation.
BIP151 specifies a flexible symmetric key cipher type negotiation,
although
> Based on previous crypto analysis result, the actual security of SHA512
> is not significantly higher than SHA256.
> maybe we should consider SHA3?
As far as I know the security of the symmetric cipher key mainly depends
on the PRNG and the ECDH scheme.
The HMAC_SHA512 will be used to "drive" k
Just to clarify in BIP-0151 when it says:
>It is important to include the cipher-type into the symmetric cipher key to
>avoid weak-cipher-attacks.
the cipher-type here refers to the ECDH negotiation parameters?
On Wed, Jun 29, 2016 at 2:58 AM, Pieter Wuille wrote:
> On Jun 29, 2016 07:05, "Eth
On Tue, Jun 28, 2016 at 06:45:58PM +0200, Eric Voskuil via bitcoin-dev wrote:
> > then we should definitively use a form of end-to-end encryption between
> > nodes. Built into the network layer.
>
> Widespread application of this model is potentially problematic. It is a
> non-trivial problem to d