@bascule @matthew_d_green @dchest @marshray It doesn’t sound that way from the ticket; sounds like you’re saying, “use this for NIST crypto”
@marshray @matthew_d_green @tqbf @dchest sorry to dig this up again, but isn't this solved by deriving a unique AES-CTR key and nonce via HKDF?
@bascule @matthew_d_green @tqbf @dchest Not if you feed the nonce into the HKDF and leave it out of the AES-CTR initialization.
@marshray @matthew_d_green @tqbf @dchest my plan was deriving a unique AES-CTR nonce via HKDF as well, in addition to the key
@matthew_d_green @marshray @tqbf @dchest I was thinking an RNG could be used for both the key and nonce inputs to HKDF