On 24 February 2017 at 16:01, Sean Turner <s...@sn3rd.com> wrote: > So this isn’t entirely novel right I mean we did something similar wrt other > key schedules?
I certainly hope it isn't novel. I'm just applying the same technique: keep independent keys independent. On 24 February 2017 at 16:09, Felix Günther <guent...@cs.tu-darmstadt.de> wrote: > just to clarify: you add an additional HKDF.Expand step, not > HKDF.Extract, right? Yes, you are right, I should have said expand. You need to use expand to get the label-based separation on type. I don't know how I got confused about that. If we need to maintain extract and expand in pairs (as we have already been burned by), then I will defer to cryptographers on that. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
