nisse@lysator.liu.se (Niels Möller) writes:
Simon Josefsson simon@josefsson.org writes:
How about adding KDFs? Here is a starting pointer for the most common function, PKCS #5 PBKDF2. Review appreciated.
I don't have time to review it at the moment, but I hope to be able to do that within a few days. You may also want to have a look at
http://git.lysator.liu.se/lsh/lsh/blobs/master/src/pkcs5.c
which I wrote a long time ago. Probably not very useful for Nettle as is, but I'll happily relicense it as LGPL if anything is derived from it.
Possibly the block_count stuff could be used, although I'm not sure how it works: if you have a large dkLen wouldn't more than the final octet be needed?
One immediate comment: "PBKDF2" is an awful name :-/
Yes...
Are there any other key derivation methods which are important?
Widely used KDF's include the OpenPGP s2k, TLS (different variants), Kerberos. More recent KDF's include HKDF and scrypt. I'm sure there are more.
However, I'm not certain 1) it makes sense to implement several KDFs in nettle, 2) whether an generic interface can be found. Re 2) it seems KDFs are highly parametrized for its specialized purpose, and thus require special parameters.
/Simon