[bitcoin-dev] BIP 151 use of HMAC_SHA512

Jonas Schnelli dev at jonasschnelli.ch
Mon Jul 4 06:37:45 UTC 2016

> I haven't been able to find the beginning of this thread, so apologies
> if I've misunderstood what this is for, but it _sounds_ like we're
> re-inventing HKDF.

> I'd recommend reading the paper about HKDF. It stands out among crypto
> papers for having a nice clear justification for each of its design
> decisions, so you can see why they did it (very slightly) differently
> than the various constructions proposed up-thread.

Thanks Zooko

I think HKDF instead of a single HMAC_SHA512 seams reasonable and
something we should consider.

I'll try to evaluate the implications of using HKDF over HMAC_SHA512 and
will update the BIP if there are no concerns about it.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20160704/029dc8b2/attachment.sig>

More information about the bitcoin-dev mailing list