[bitcoin-dev] BIP 151 use of HMAC_SHA512
dev at jonasschnelli.ch
Mon Jul 4 06:37:45 UTC 2016
> I haven't been able to find the beginning of this thread, so apologies
> if I've misunderstood what this is for, but it _sounds_ like we're
> re-inventing HKDF.
> I'd recommend reading the paper about HKDF. It stands out among crypto
> papers for having a nice clear justification for each of its design
> decisions, so you can see why they did it (very slightly) differently
> than the various constructions proposed up-thread.
I think HKDF instead of a single HMAC_SHA512 seams reasonable and
something we should consider.
I'll try to evaluate the implications of using HKDF over HMAC_SHA512 and
will update the BIP if there are no concerns about it.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 819 bytes
Desc: OpenPGP digital signature
More information about the bitcoin-dev