Safe Haskell | None |
---|---|
Language | Haskell98 |
Key Derivation Functions (KDF).
These are used to derive symmetric keys of the required length from a short (say, 256-bit) shared secret, such as one established by a Diffie-Hellman key exchange. The raw shared secret is not uniformly distributed and should not be used directly as a key; it is passed through a KDF first.
- newtype SharedSecret = SharedSecret [Word8]
- concatenatingKDF :: OctetStream publicInfo => SharedSecret -> publicInfo -> Int -> ByteString
- foldingKDF :: OctetStream publicInfo => SharedSecret -> publicInfo -> Int -> ByteString
Documentation
concatenatingKDF
  :: OctetStream publicInfo
  => SharedSecret   -- shared secret (for example, established by a Diffie-Hellman key exchange)
  -> publicInfo     -- publicly available information about the parties (for example, the IDs of the two parties)
  -> Int            -- desired output length (in bytes)
  -> ByteString
Concatenation-based Key Derivation Function. Basically:
output = Hash[1] || Hash[2] || Hash[3] || ...
Hash[counter] = H ( counter || Z || publicInfo )
where H is the SHA-256 hash function, Z is the shared secret, and the counter is a big-endian encoded 32-bit word starting at 1. Enough hash blocks are produced to cover the desired output length.
This is essentially the Concatenation KDF of NIST SP 800-56A (called the Single-step KDF in later revisions), with publicInfo playing the role of OtherInfo. Both parties must supply byte-for-byte identical publicInfo (for example, the two IDs in an agreed order), or they will derive different keys.
foldingKDF
  :: OctetStream publicInfo
  => SharedSecret   -- shared secret (for example, established by a Diffie-Hellman key exchange)
  -> publicInfo     -- publicly available information about the parties (for example, the IDs of the two parties)
  -> Int            -- desired output length (in bytes)
  -> ByteString
This is similar to the previous function; however, each hash block also absorbs the previous block, so the blocks form a chain instead of being computed independently:
Hash[counter] = H ( counter || Hash[counter-1] || Z || publicInfo )
Hash[0] is set to an ad-hoc constant, presently the byte 0x5c repeated ([0x5c,0x5c,0x5c...]). The chaining is not part of the NIST Concatenation KDF.
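Both constructions above, worked through in Python as an added example (this is not the library's Haskell code): `concatenating_kdf` is the counter-mode KDF and `folding_kdf` the chained variant. The example assumes the output length is in bytes and that the concatenated blocks are truncated to it, and it assumes `Hash[0]` is one SHA-256 digest length (32 bytes) of `0x5c`, since the page only shows the byte pattern. The shared secret and party identifiers are constructed sample inputs; `split_keys` is an added helper, not a library function.

```python
import hashlib
import struct

# Constructed sample inputs, not taken from the page or the library:
# a 32-byte "shared secret" standing in for a Diffie-Hellman output, and
# public info built from the two parties' identifiers in an agreed order.
SAMPLE_Z = bytes(range(32))
SAMPLE_PUBLIC_INFO = b"alice" + b"bob"

# Hash[0] for the folding variant. The page only says "[0x5c,0x5c,0x5c...]";
# using one SHA-256 digest length (32 bytes) is this example's assumption.
FOLDING_IV = b"\x5c" * 32


def sha256(data: bytes) -> bytes:
    """H in the page's notation."""
    return hashlib.sha256(data).digest()


def counter_bytes(counter: int) -> bytes:
    """Big-endian 32-bit counter, as the page specifies."""
    return struct.pack(">I", counter)


def concatenating_kdf(z: bytes, public_info: bytes, out_len: int) -> bytes:
    """Hash[i] = H(counter_i || Z || publicInfo), counter starting at 1;
    output = Hash[1] || Hash[2] || ... truncated to out_len bytes."""
    if out_len < 0:
        raise ValueError("out_len must be non-negative")
    out = bytearray()
    counter = 1
    while len(out) < out_len:
        out += sha256(counter_bytes(counter) + z + public_info)
        counter += 1
    return bytes(out[:out_len])


def folding_kdf(z: bytes, public_info: bytes, out_len: int) -> bytes:
    """Hash[i] = H(counter_i || Hash[i-1] || Z || publicInfo), Hash[0] = FOLDING_IV;
    output = Hash[1] || Hash[2] || ... truncated to out_len bytes."""
    if out_len < 0:
        raise ValueError("out_len must be non-negative")
    out = bytearray()
    prev = FOLDING_IV
    counter = 1
    while len(out) < out_len:
        prev = sha256(counter_bytes(counter) + prev + z + public_info)
        out += prev
        counter += 1
    return bytes(out[:out_len])


def split_keys(z: bytes, public_info: bytes, *lengths: int) -> list:
    """Derive several keys from one shared secret: request the total length
    once and slice it, rather than calling the KDF once per key with the
    same Z and publicInfo (which would return the same bytes each time)."""
    material = concatenating_kdf(z, public_info, sum(lengths))
    keys, pos = [], 0
    for n in lengths:
        keys.append(material[pos:pos + n])
        pos += n
    return keys


if __name__ == "__main__":
    enc_key, mac_key = split_keys(SAMPLE_Z, SAMPLE_PUBLIC_INFO, 32, 32)
    print("concat  :", concatenating_kdf(SAMPLE_Z, SAMPLE_PUBLIC_INFO, 48).hex())
    print("folding :", folding_kdf(SAMPLE_Z, SAMPLE_PUBLIC_INFO, 48).hex())
    print("enc/mac :", enc_key.hex(), mac_key.hex())
```

One property worth knowing before using either function: the output for a shorter length is a prefix of the output for a longer one with the same Z and publicInfo, since the counter sequence and inputs are identical. Two separate calls with the same inputs therefore yield the same key, not two keys; derive the total key material in one call and split it, or put a distinct label into publicInfo for each key.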