Hi Yasuo,
The fact that you continue to talk about passwords and other low-entropy
data as IKM shows, yet again, that you don't understand HKDF.
It is simply not a password-based KDF; if you want that - use PBKDF2.
Please read Section 4* of the spec:
https://tools.ietf.org/html/rfc5869.html#sectio
Hi Andrey,
How the manual page would be. Would it be
"Even though 'slat' is the last optional parameter that users may omit
easily
by mistake, users _must_ set strong salt for weak $ikm. This is
mandatory
requirement for HKDF to work. In addition, it is advices to set salt
whenever
On Thu, Feb 9, 2017 at 7:51 AM, Yasuo Ohgaki wrote:
> Hi Andrey,
>
> How the manual page would be. Would it be
>
> "Even though 'slat' is the last optional parameter that users may omit
> easily
> by mistake, users _must_ set strong salt for weak $ikm. This is
> mandatory
> requirement
> On 19 Jan 2017, at 12:18, Ben RUBSON wrote:
>
> Hello,
>
> As proposed by cmb (thank you !), I open a discussion regarding req #65386 :
> https://bugs.php.net/bug.php?id=65386
>
> It summarizes requests around disable_functions directive :
> - modification of disable_functions to be a PHP_INI
On Thu, Jan 19, 2017 at 6:18 AM, Ben RUBSON wrote:
> As proposed by cmb (thank you !), I open a discussion regarding req #65386 :
> https://bugs.php.net/bug.php?id=65386
>
> It summarizes requests around disable_functions directive :
> - modification of disable_functions to be a PHP_INI_SYSTEM dir
Results for project PHP master, build date 2017-02-08 20:28:50-08:00
commit: 4ec8066
previous commit:31332d0
revision date: 2017-02-08 01:10:54+01:00
environment:Haswell-EP
cpu:Intel(R) Xeon(R) CPU E5-2699 v3 @ 2.30GHz 2x18 cores,
stepping 2, LLC 45 MB
Hi Scott and all,
On Thu, Feb 9, 2017 at 10:52 PM, Scott Arciszewski
wrote:
>
>
>> HKDF relies on PRK being cryptographically strong.
>>
>>
>
>
>
> Yes, but not for the reasons you might suspect.
>
> The main use case of HKDF is to completely prevent related-key attacks,
> while splitt