On Sun, Apr 30, 2017 at 8:14 AM, Yasuo Ohgaki <yohg...@ohgaki.net> wrote:
> I don't need your view of HKDF RFC or usage, but I do need good practical
> examples that justify your point of view. Please don't waste of your/my
> time,
> just give some good examples in next reply. Thanks.
>
BTW, valid (yet not common/proper) example that I can think of is,
<?php
$strong_512bit_key = random_bytes(64);
$strong_256bit_key = hash_hkdf('sha3-512', $strong_512bit_key, 32);
?>
while it does not even require HKDF, though.
<?php
$strong_512bit_key = random_bytes(64);
$strong_256bit_key = hash('sha3-256', $strong_512bit_key);
?>
should be good enough.
Even with "Info", following HMAC is enough.
<?php
$strong_512bit_key = random_bytes(64);
$strong_256bit_key = hash_hmac('sha3-256', $strong_512bit_key, $some_info);
?>
--
Yasuo Ohgaki
yohg...@ohgaki.net
