From 4ad623f5809a499cacf1f2af875f649fefc3f686 Mon Sep 17 00:00:00 2001
From: zooko <>
Date: Wed, 21 Oct 2009 19:04:39 +0000
Subject: [PATCH] link to HKDF

[Imported from Trac: page Bibliography, version 45]
---
 Bibliography.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/Bibliography.md b/Bibliography.md
index bc6387d..cfb36a7 100644
--- a/Bibliography.md
+++ b/Bibliography.md
@@ -13,6 +13,8 @@ Here are some papers that are potentially of interest.
 
 [defectoscopy.com](http://defectoscopy.com/results.html) a table of semi-automated cryptanalysis results from the inventors of EnRUPT.  This technique has not been peer-reviewed by other cryptographers.  I (Zooko) can't judge how valid it is.  Note that MD4, MD5, SHA-0, SHA-1, SHA-2-256, and GOST are predicted to be insecure, while Tiger is predicted to be secure.  AES-128 is predicted to be insecure.  Salsa20 is predicted to be secure.
 
+[HKDF full paper](http://webee.technion.ac.il/~hugo/kdf/kdf.pdf) defines and analyzes the *HKDF* Key-Derivation Algorithm; A KDF is a linchpin component of our crypto schemes.
+
 ### Elliptic Curve Cryptography
 
 [ECC Brainpool Standard Curves and Curve Generation](http://tools.ietf.org/html/draft-lochter-pkix-brainpool-ecc-03) new elliptic curve parameters which come with a proof that they were generated deterministically and pseudorandomly from the first few bits of pi, as well as proofs that they are immune to certain other potential cryptographic weaknesses.