tahoe-lafs/trac-2024-07-25
2
0
Issues 1.1k Wiki Activity

link to HKDF 

[Imported from Trac: page Bibliography, version 45]
zooko 2009-10-21 19:04:39 +00:00
parent 6d2abd03c3
commit 4ad623f580
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
Bibliography.md

@ -13,6 +13,8 @@ Here are some papers that are potentially of interest.
[defectoscopy.com](http://defectoscopy.com/results.html) a table of semi-automated cryptanalysis results from the inventors of EnRUPT. This technique has not been peer-reviewed by other cryptographers. I (Zooko) can't judge how valid it is. Note that MD4, MD5, SHA-0, SHA-1, SHA-2-256, and GOST are predicted to be insecure, while Tiger is predicted to be secure. AES-128 is predicted to be insecure. Salsa20 is predicted to be secure. [defectoscopy.com](http://defectoscopy.com/results.html) a table of semi-automated cryptanalysis results from the inventors of EnRUPT. This technique has not been peer-reviewed by other cryptographers. I (Zooko) can't judge how valid it is. Note that MD4, MD5, SHA-0, SHA-1, SHA-2-256, and GOST are predicted to be insecure, while Tiger is predicted to be secure. AES-128 is predicted to be insecure. Salsa20 is predicted to be secure.
[HKDF full paper](http://webee.technion.ac.il/~hugo/kdf/kdf.pdf) defines and analyzes the *HKDF* Key-Derivation Algorithm; A KDF is a linchpin component of our crypto schemes.
### Elliptic Curve Cryptography ### Elliptic Curve Cryptography
[ECC Brainpool Standard Curves and Curve Generation](http://tools.ietf.org/html/draft-lochter-pkix-brainpool-ecc-03) new elliptic curve parameters which come with a proof that they were generated deterministically and pseudorandomly from the first few bits of pi, as well as proofs that they are immune to certain other potential cryptographic weaknesses. [ECC Brainpool Standard Curves and Curve Generation](http://tools.ietf.org/html/draft-lochter-pkix-brainpool-ecc-03) new elliptic curve parameters which come with a proof that they were generated deterministically and pseudorandomly from the first few bits of pi, as well as proofs that they are immune to certain other potential cryptographic weaknesses.