[Authentication] Using HKDF in new algorithm suite: dh-ietf1024-sha256-aes128-cbc-pkcs7

Stef Walter stefw at collabora.co.uk
Sun Feb 27 00:30:58 PST 2011


As per the discussion on the mailing list, I've prepared a patch to the
secret service specification that specifies the use of HKDF to hash the
secret key agreed upon by DH into something usable by AES.

Previously the draft specification assumed truncating the DH key, but
this is broken cryptographically and all round dumb.

I would like review of this spec patch (attached), and would much
appreciate having another pair of eyes look at the HKDF code [1] in
gnome-keyring.

I've implemented these changes and the full implementations are on the
with-hkdf branches of gnome-keyring [2] and libgnome-keyring [3]
respectively.

Cheers,

Stef


[1]
http://git.gnome.org/browse/libgnome-keyring/diff/egg/egg-hkdf.c?h=with-hkdf&id=100aa1788d784334247b095ae6a1c621e539ba94

[2]
http://git.gnome.org/browse/gnome-keyring/commit/?h=with-hkdf&id=54d4781a415b6e12d882667e373be851a435c5a3

[3]
http://git.gnome.org/browse/libgnome-keyring/commit/?h=with-hkdf&id=100aa1788d784334247b095ae6a1c621e539ba94
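
The following is an added example, not part of the original message and not the egg-hkdf.c code from gnome-keyring. It implements HKDF (RFC 5869) with SHA-256 and compares it with truncation when producing a 128-bit AES key from a DH shared secret. The empty salt and info, the leading-byte truncation, the function names and the sample secrets are assumptions made for illustration.

```python
import hashlib
import hmac

HASH_LEN = hashlib.sha256().digest_size  # 32 bytes for SHA-256


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """RFC 5869 step 1: concentrate the input keying material into a PRK."""
    # An absent salt is defined as HashLen zero bytes.
    return hmac.new(salt or bytes(HASH_LEN), ikm, hashlib.sha256).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 step 2: stretch the PRK into `length` output bytes."""
    if not 0 < length <= 255 * HASH_LEN:
        raise ValueError("HKDF-SHA256 output must be 1..8160 bytes")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        # T(n) = HMAC(PRK, T(n-1) || info || n)
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def derive_aes128_key(dh_secret: bytes, salt: bytes = b"", info: bytes = b"") -> bytes:
    """Derive a 16-byte AES-128 key from the DH shared secret (assumed parameters)."""
    return hkdf_expand(hkdf_extract(salt, dh_secret), info, 16)


def truncate_key(dh_secret: bytes) -> bytes:
    """Truncation approach; taking the leading bytes is an assumption."""
    return dh_secret[:16]


# Constructed 128-byte stand-ins for 1024-bit DH shared secrets (not real output).
SECRET_A = bytes(range(128))
SECRET_B = SECRET_A[:-1] + b"\xff"  # differs from SECRET_A only in the last byte

if __name__ == "__main__":
    for name, s in (("A", SECRET_A), ("B", SECRET_B)):
        print(name, "truncated:", truncate_key(s).hex(), "hkdf:", derive_aes128_key(s).hex())
```

With truncation the two sample secrets yield the same AES key because only 16 of the 128 bytes are used; with HKDF every byte of the shared secret influences the derived key.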

