Jonas Schnelli [ARCHIVE] on Nostr
📅 Original date posted:2016-06-29
📝 Original message:
> Based on previous crypto analysis result, the actual security of SHA512
> is not significantly higher than SHA256.
> maybe we should consider SHA3?

As far as I know the security of the symmetric cipher key mainly depends
on the PRNG and the ECDH scheme.

The HMAC_SHA512 will be used to "drive" keys from the ECDH shared secret.
HMAC_SHA256 would be sufficient but I have specified SHA512 to allow
directly deriving 512 bits, which allows two 256-bit keys with one
HMAC operation (same pattern is used in BIP for the key/chaincode
derivation).

Keccak would be an alternative but we probably don't want to introduce
another new hash type just for the encryption.
</jonas>
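
The derivation described in the message above, as an added example that is not part of the original post or of any BIP text: two peers compute the same ECDH secret and split one HMAC-SHA512 output into two 256-bit keys, with the two-call HMAC-SHA256 variant beside it. The curve (secp256k1), the use of the ECDH secret as the HMAC key, the label strings and all function names are assumptions made for illustration.

```python
import hashlib
import hmac

# secp256k1 domain parameters (standard constants; curve choice is an assumption)
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # group order
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def point_add(a, b):
    """Add two affine points; None represents the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    if a == b:
        lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, P) % P
    else:
        lam = (b[1] - a[1]) * pow(b[0] - a[0], -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return (x, (lam * (a[0] - x) - a[1]) % P)

def scalar_mult(k, point):
    """Double-and-add. Not constant time: for illustration, not production."""
    result = None
    while k:
        if k & 1:
            result = point_add(result, point)
        point = point_add(point, point)
        k >>= 1
    return result

def ecdh_secret(priv, peer_pub):
    """Shared secret: x coordinate of priv * peer_pub as 32 big-endian bytes."""
    return scalar_mult(priv, peer_pub)[0].to_bytes(32, "big")

def derive_two_keys(secret, label=b"example session keys"):
    """One HMAC-SHA512 call yields 64 bytes, split into two 256-bit keys."""
    out = hmac.new(secret, label, hashlib.sha512).digest()
    return out[:32], out[32:]

def derive_two_keys_sha256(secret, label=b"example session keys"):
    """HMAC-SHA256 variant: 32 bytes per call, so two calls with distinct labels."""
    return (hmac.new(secret, label + b"\x01", hashlib.sha256).digest(),
            hmac.new(secret, label + b"\x02", hashlib.sha256).digest())
```
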
Published at 2023-06-07 17:51:33