@bascule personalization strings are assumed to be public or (semi) secret, but "less" secret than crypto keys, they are thus more exposed..
@veorq are there any differences in the security properties of Blake2b keys versus personalization strings?
-
-
-
@bascule in the sense that messages interact directly with the perso strings, but not with the key, because it is first "compressed".. -
@bascule that said, it might be safe to use secrets as perso strings, but we don't claim that it's as secure as the defined mode -
-
@bascule ah, I presumed you intended to use the perso slot to key the hash more efficiently -
@veorq I'd like to, API does not permit unfortunately. Otherwise that seems fine though, right? -
@bascule I don't see any obvious objection to that at the moment -
@veorq cool, thanks
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.