credit David Wong
This commit is contained in:
Hubert Chathi
parent
c196cbcf42
commit
f8e4bdfbaf
1 changed files with 3 additions and 0 deletions
|
|
@ -11,6 +11,9 @@ generation of the SAS string by including it in the info parameter of the HKDF.
|
|||
Thus if an attacker sends them different public keys, the info parameters will
|
||||
be different, and so the key generated by the HKDF will be different.
|
||||
|
||||
Thanks to [David Wong](https://twitter.com/cryptodavidw) for identifying the
|
||||
issue, disclosing responsibly, and for helping to design the fix.
|
||||
|
||||
## Proposal
|
||||
|
||||
A new `key_agreement_protocol`, `curve25519-hkdf-sha256` is introduced, and
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue