Comments (6)
A side effect of this would be that the Psk
and PskBundle
(containing a PSK and PSK ID) types in the Rust implementation would not need to allocate and also not need cumbersome lifetime specifiers, since they could just maintain a fixed-size buffer of their contents.
from draft-irtf-cfrg-hpke.
What would be "reasonably small" here? TLS allows 16-bit PSK identities and exported contexts, for example.
from draft-irtf-cfrg-hpke.
If pskID
were 2 bytes (or an integer that we explicitly encode) and everything else were at most size Nh
, that would be sufficient
from draft-irtf-cfrg-hpke.
Adding the following just so that we remember that in case we introduce limits: If in the end the PSK's size is limited to smth strictly smaller than Nb
(block size of underlying hash function), we could get rid of the hashing step for the PSK.
from draft-irtf-cfrg-hpke.
Update: this change may not be necessary. It shouldn't be hard to get HKDF-Expand and HKDF-Extract to work this way without allocating.
Waiting on RustCrypto/KDFs#34
from draft-irtf-cfrg-hpke.
KDF PR got merged. This is no longer an issue.
from draft-irtf-cfrg-hpke.
Related Issues (20)
- Address cjpatton's feedback HOT 1
- No official byte representation of private keys HOT 4
- Include DeriveKeyPair output in test vectors HOT 2
- Restrict low-entropy PSKs
- Add one-shot Export API HOT 1
- One-shot API for export
- Wire format of HPKE context HOT 3
- List known implementations HOT 5
- Add (back?) DeserializePublicKey() HOT 1
- AEAD ID for unsupported AEADs HOT 10
- Emphasize the fact that messages must never be encrypted by the recipient HOT 2
- Compact representation for NIST curves HOT 1
- Prohibit the use of asymmetric keys with multiple KEMs HOT 2
- x448 test vectors HOT 1
- Test vector issue with P256 HOT 2
- Improve test vector field descriptions HOT 2
- Recipient vs. receiver inconsistency HOT 1
- KEM failures and API considerations HOT 3
- Guidance on how to use info and aad HOT 1
- Authentication Tag Length HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from draft-irtf-cfrg-hpke.