Newsgroups: php.internals
Date: Sun, 26 Mar 2017 07:29:47 +0900
To: "internals@lists.php.net"
Subject: [RFC][VOTE] Improve hash_hkdf() parameter
From: yohgaki@ohgaki.net (Yasuo Ohgaki)

Hi all,

Since hash_hkdf() is in PHP 7.1.2, I restarted the vote.
I posted the previous announcement in the discussion thread by mistake.

https://wiki.php.net/rfc/improve_hash_hkdf_parameter

Vote start: 2017-03-26
Vote end: 2017-04-07 UTC 23:59:59

The current hash_hkdf() function signature does not make sense.

- HKDF is a KEY derivation function, yet the derivation KEY is the last option.
- hash_hkdf() is a simple hash_hmac() extension, yet it has a totally different signature.
- The return value is binary, unlike other hash functions.
- The signature is INSECURE.

The current signature is overly optimized for a very limited crypto operation and cannot be optimal for the above reasons.

Fortunately, almost all users are not using the current hash_hkdf(). It's only in 7.1.2/7.1.3 now. We should avoid yet another new inconsistent and insecure function. It would be better to fix it ASAP, IMHO.

I suggest you disclose the reason why you are against this change. Otherwise, you may be considered not to understand crypto basics, i.e. HKDF(IKM) security depends on PRK being secure. To make PRK secure or more secure, the "salt" parameter is required. "length" is irrelevant for security.

Thank you for voting.

--
Yasuo Ohgaki
yohgaki@ohgaki.net
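
As an added illustration (not part of the original message or the RFC), the following PHP code builds HKDF's extract and expand steps (RFC 5869) from hash_hmac() and compares the result with hash_hkdf() under its current signature, showing where the salt, info and length parameters enter. The helper names hkdf_extract() and hkdf_expand() and the sample inputs are assumptions made for this example.

```php
<?php
// Added example: HKDF (RFC 5869) built from hash_hmac(), compared with hash_hkdf().
// hkdf_extract()/hkdf_expand() are hypothetical helper names, not PHP functions.

function hkdf_extract(string $algo, string $ikm, string $salt = ''): string
{
    // RFC 5869: an absent salt is treated as HashLen zero bytes.
    if ($salt === '') {
        $salt = str_repeat("\0", strlen(hash($algo, '', true)));
    }
    // PRK = HMAC(key = salt, message = IKM); hash_hmac() takes ($algo, $data, $key).
    return hash_hmac($algo, $ikm, $salt, true);
}

function hkdf_expand(string $algo, string $prk, int $length, string $info = ''): string
{
    $hashLen = strlen(hash($algo, '', true));
    if ($length < 1 || $length > 255 * $hashLen) {
        throw new InvalidArgumentException('length must be 1..255*HashLen');
    }
    $okm = '';
    $block = '';
    for ($i = 1; strlen($okm) < $length; $i++) {
        // T(i) = HMAC(PRK, T(i-1) || info || i)
        $block = hash_hmac($algo, $block . $info . chr($i), $prk, true);
        $okm .= $block;
    }
    return substr($okm, 0, $length);
}

// Constructed sample inputs.
$ikm  = str_repeat("\x0b", 22);
$salt = random_bytes(32);
$info = 'example-context';

$prk    = hkdf_extract('sha256', $ikm, $salt);
$manual = hkdf_expand('sha256', $prk, 42, $info);

// Current signature: hash_hkdf($algo, $key, $length, $info, $salt).
$native = hash_hkdf('sha256', $ikm, 42, $info, $salt);
var_dump(hash_equals($native, $manual));

// Omitting the salt changes the PRK, so the derived key differs.
var_dump(hash_equals($native, hash_hkdf('sha256', $ikm, 42, $info)));

// length only truncates: a 16-byte request is a prefix of the 42-byte output.
var_dump(hash_hkdf('sha256', $ikm, 16, $info, $salt) === substr($native, 0, 16));

// The return value is raw binary; encode it for display or storage as text.
echo bin2hex($native), PHP_EOL;
```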