Return-Path: <dev@jonasschnelli.ch>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35])
	by mail.linuxfoundation.org (Postfix) with ESMTPS id 1A0CE308
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Mon,  4 Jul 2016 06:37:51 +0000 (UTC)
X-Greylist: from auto-whitelisted by SQLgrey-1.7.6
Received: from server3 (server3.include7.ch [144.76.194.38])
	by smtp1.linuxfoundation.org (Postfix) with ESMTP id 5877DF0
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Mon,  4 Jul 2016 06:37:50 +0000 (UTC)
Received: by server3 (Postfix, from userid 115)
	id 13B552D002F7; Mon,  4 Jul 2016 08:37:49 +0200 (CEST)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	smtp1.linux-foundation.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00, FSL_HELO_NON_FQDN_1
	autolearn=ham version=3.3.1
Received: from Jonass-MacBook-Pro-2.local (cable-static-140-182.teleport.ch
	[87.102.140.182]) by server3 (Postfix) with ESMTPSA id 7DFF52D002F7
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Mon,  4 Jul 2016 08:37:48 +0200 (CEST)
To: bitcoin-dev@lists.linuxfoundation.org
References: <87h9cecad5.fsf@rustcorp.com.au>
	<577224E8.6070307@jonasschnelli.ch> <8760ssdd1u.fsf@rustcorp.com.au>
	<CAEM=y+XKQZVz6UieB-nDy_C9xTmXiBB3-atuuZkxzmPoSVPOJw@mail.gmail.com>
	<87oa6iavky.fsf@rustcorp.com.au>
	<CADorodhC=UvQmiNVSd91dA57PyYydDH+uUUp_Aj5CsN-EG-e4g@mail.gmail.com>
From: Jonas Schnelli <dev@jonasschnelli.ch>
Message-ID: <577A0439.5000506@jonasschnelli.ch>
Date: Mon, 4 Jul 2016 08:37:45 +0200
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:38.0)
	Gecko/20100101 Thunderbird/38.7.2
MIME-Version: 1.0
In-Reply-To: <CADorodhC=UvQmiNVSd91dA57PyYydDH+uUUp_Aj5CsN-EG-e4g@mail.gmail.com>
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature";
	boundary="RtHsO4uOF1X3c1LIi6gRU9ib8mnSxSeLv"
Subject: Re: [bitcoin-dev] BIP 151 use of HMAC_SHA512
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Jul 2016 06:37:51 -0000

> I haven't been able to find the beginning of this thread, so apologies
> if I've misunderstood what this is for, but it _sounds_ like we're
> re-inventing HKDF.

> I'd recommend reading the paper about HKDF. It stands out among crypto
> papers for having a nice clear justification for each of its design
> decisions, so you can see why they did it (very slightly) differently
> than the various constructions proposed up-thread.

Thanks Zooko

I think HKDF instead of a single HMAC_SHA512 seems reasonable and
something we should consider.

I'll try to evaluate the implications of using HKDF over HMAC_SHA512 and
will update the BIP if there are no concerns about it.

</jonas>
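An added example, not code from this thread or from BIP 151: HKDF (RFC 5869, extract-then-expand) built on HMAC-SHA512 from Python's standard library, placed next to a single HMAC_SHA512 call so the two constructions being compared above are concrete. The `derive_session_keys` helper, its `session_id` salt and its info labels are hypothetical placeholders chosen for illustration, not BIP 151's actual inputs or labels; the SHA-256 vector in `rfc5869_test_case_1` is test case 1 from RFC 5869 Appendix A.

```python
"""Added example: HKDF (RFC 5869) over HMAC-SHA512 versus a single HMAC_SHA512.

Not code from BIP 151 or from this mailing-list thread. The session_id salt
and the info labels used below are hypothetical placeholders.
"""
import hashlib
import hmac


def hkdf_extract(salt: bytes, ikm: bytes, hash_fn=hashlib.sha512) -> bytes:
    """HKDF-Extract: PRK = HMAC-Hash(salt, IKM).

    RFC 5869 section 2.2: an absent salt is replaced by HashLen zero bytes.
    """
    if not salt:
        salt = b"\x00" * hash_fn().digest_size
    return hmac.new(salt, ikm, hash_fn).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int, hash_fn=hashlib.sha512) -> bytes:
    """HKDF-Expand: OKM = T(1) | T(2) | ... truncated to `length` bytes,
    where T(i) = HMAC-Hash(PRK, T(i-1) | info | i) and T(0) is empty.
    """
    hash_len = hash_fn().digest_size
    if length > 255 * hash_len:
        raise ValueError("HKDF-Expand: length may not exceed 255 * HashLen")
    okm = b""
    t = b""
    counter = 1
    while len(okm) < length:
        t = hmac.new(prk, t + info + bytes([counter]), hash_fn).digest()
        okm += t
        counter += 1
    return okm[:length]


def hkdf(salt: bytes, ikm: bytes, info: bytes, length: int, hash_fn=hashlib.sha512) -> bytes:
    """Extract-then-expand in one call."""
    return hkdf_expand(hkdf_extract(salt, ikm, hash_fn), info, length, hash_fn)


def single_hmac_sha512(key: bytes, msg: bytes) -> bytes:
    """The construction the thread started from: one HMAC_SHA512 call, 64 bytes out."""
    return hmac.new(key, msg, hashlib.sha512).digest()


def derive_session_keys(shared_secret: bytes, session_id: bytes) -> dict:
    """Hypothetical derivation of two independent 32-byte keys from one
    shared secret: extract once, then expand with distinct info labels.
    The labels are placeholders, not BIP 151's."""
    prk = hkdf_extract(session_id, shared_secret)
    return {
        "k1": hkdf_expand(prk, b"example/key-1", 32),
        "k2": hkdf_expand(prk, b"example/key-2", 32),
    }


def rfc5869_test_case_1() -> tuple:
    """Runs RFC 5869 Appendix A test case 1 (SHA-256); returns (PRK, OKM) as hex."""
    ikm = b"\x0b" * 22
    salt = bytes.fromhex("000102030405060708090a0b0c")
    info = bytes.fromhex("f0f1f2f3f4f5f6f7f8f9")
    prk = hkdf_extract(salt, ikm, hashlib.sha256)
    okm = hkdf_expand(prk, info, 42, hashlib.sha256)
    return prk.hex(), okm.hex()


if __name__ == "__main__":
    prk_hex, okm_hex = rfc5869_test_case_1()
    print("RFC 5869 TC1 PRK:", prk_hex)
    print("RFC 5869 TC1 OKM:", okm_hex)
    secret = b"\x42" * 32  # constructed stand-in for an ECDH shared secret
    keys = derive_session_keys(secret, b"constructed-session-id")
    for name, k in keys.items():
        print(name, k.hex())
```

With a 64-byte output and SHA-512, HKDF-Expand is exactly one HMAC call over `info || 0x01`, so the practical difference from a single HMAC_SHA512 lies in the separate extract step (a salted HMAC that turns a non-uniform shared secret into a uniform PRK) and in the counter and info fields, which let one PRK yield several keys of any length with domain separation between them.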

