canmove, Confirmed users
725
edits
Services/Sync/SimplifiedCrypto: Difference between revisions
Jump to navigation
Jump to search
Services/Sync/SimplifiedCrypto (view source)
Revision as of 22:52, 29 October 2010
, 29 October 2010→HMAC
(→HMAC) |
|||
| Line 69: | Line 69: | ||
=== HMAC === | === HMAC === | ||
It's a good practice to use separate keys for HMAC and for encryption. The bulk keys (stored encrypted on the server) are themselves used as input for exactly the same hash operations mentioned above. This yields a pair of keys that can be used for encryption and message authentication | It's a good practice to use separate keys for HMAC and for encryption. The bulk keys (stored encrypted on the server) are themselves used as input for exactly the same hash operations mentioned above. This yields a pair of keys that can be used for encryption and message authentication: | ||
::data_encr = SHA256("encrypt:" + data_key) | |||
::data_hmac = SHA256("hmac:" + data_key) | |||
=== Objects === | === Objects === | ||