Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:98270 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 91290 invoked from network); 9 Feb 2017 10:59:45 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 9 Feb 2017 10:59:45 -0000 Authentication-Results: pb1.pair.com header.from=narf@devilix.net; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=narf@devilix.net; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain devilix.net designates 74.125.82.181 as permitted sender) X-PHP-List-Original-Sender: narf@devilix.net X-Host-Fingerprint: 74.125.82.181 mail-ot0-f181.google.com Received: from [74.125.82.181] ([74.125.82.181:36589] helo=mail-ot0-f181.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 92/E6-33872-F9B4C985 for ; Thu, 09 Feb 2017 05:59:43 -0500 Received: by mail-ot0-f181.google.com with SMTP id 32so10276881oth.3 for ; Thu, 09 Feb 2017 02:59:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=devilix.net; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=mgwB+qZ7NOvcMHR9DbCfyhqMetCLiFMJrT0RAxl9fOw=; b=RFN7PpZbowYL5Cs24cymPhxzMwYAOZg+6xlh1OocG5AeHxviA95afYT0EF4vsJrSAh n7N7opj3I4RajGHFOoK+q9OKkoi/hoCT8U+MwPQ8SW3+xrIGcNZmAv0cxv7p47kvVp11 5oC5D3FRqEePxkREad6gUKgiIJbGiCH9IyBuE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=mgwB+qZ7NOvcMHR9DbCfyhqMetCLiFMJrT0RAxl9fOw=; b=VcU+ic61kxYFPioHRuNXvxqYfjfn/t3oJntDPqJnEq7iWG4IDF6wH0kKN2bNBWG0o9 UvaQTZkCAEsr35ds5D/Aa6mhvR7PjLHU5UZ1lDNA9Fi8rIsp5uvLq4EYvMjgOIl4DntW znmAzgD5nJRYb4wKOs5KSoJtFATR5nNUP8nZzVgMRoECLMwZVszUK+Ex1MuJUnoeyH0Q Diwz4g/ozynwfilZhfU6BZZld4gnfG+zLEwEOjJB7/9G/LOhimgPyQ/kqsg9fGWjeN6d M7e54IrdE30J18QThyoMwZT811XsExdJc0UfcCmZHXYzEf4Et/kGOtqb6MfLg22T3EHK RL+A== X-Gm-Message-State: AMke39lTGu9Ry07yfV6DlvBJUZrT3w2/3EM3cP2AHZnVZK34kyH+Cnglpm8GPkghyZU51ArQ6j2Pi6hVmmjeuw== X-Received: by 10.157.27.154 with SMTP id z26mr1365379otd.181.1486637980124; Thu, 09 Feb 2017 02:59:40 -0800 (PST) MIME-Version: 1.0 Received: by 10.182.134.170 with HTTP; Thu, 9 Feb 2017 02:59:39 -0800 (PST) In-Reply-To: References: Date: Thu, 9 Feb 2017 12:59:39 +0200 Message-ID: To: Yasuo Ohgaki Cc: Scott Arciszewski , "internals@lists.php.net" Content-Type: multipart/alternative; boundary=001a113e026cb722a1054816e0da Subject: Re: [PHP-DEV] hash_hkdf() signature From: narf@devilix.net (Andrey Andreev) --001a113e026cb722a1054816e0da Content-Type: text/plain; charset=UTF-8 Hi Yasuo, The fact that you continue to talk about passwords and other low-entropy data as IKM shows, yet again, that you don't understand HKDF. It is simply not a password-based KDF; if you want that - use PBKDF2. Please read Section 4* of the spec: https://tools.ietf.org/html/rfc5869.html#section-4 In fact, at one point I suggested the function be named just 'hkdf()' as a way of discouraging such misuse, because a lot of people associate the word "hash" with password handling. And this ... > I suppose most developers will use 'length' for shorter length. > i.e. Weaker output keys. If it's not too short, shorter key length works. > > Shows that you shouldn't be trusted with anything related to cryptography either. I may be no cryptographer myself, but one thing I know for sure is that shorter than required key lengths are *never* ok, and most encryption algorithms have a *fixed* key length. Also, this is the last time I reply to you on this topic. You're just impossible to reason with. Cheers, Andrey. --001a113e026cb722a1054816e0da--