Folks: I finally finished reading this long and technical paper by Hugo Krawczyk about Key-Derivation Functions:
http://zooko.com/klog I intend to ask cryptographers if they agree that HKDF is a nice strong, efficient way to do it and a good candidate for a future standard. Unless someone raises some major issue against it, let's settle on using HKDF (with extraction step using SHA-2-512 truncated to 256 bits and expand step using SHA-2-256) for key-derivation functions in future versions of Tahoe-LAFS. Also, my klog today mentions some new research papers which might help formalize "semi-private keys". I haven't read them yet. I only get a few minutes to read each day on the bus to and from work. :-) Regards, Zooko _______________________________________________ tahoe-dev mailing list [email protected] http://allmydata.org/cgi-bin/mailman/listinfo/tahoe-dev
