Talk:Labs/Weave/WEP/100

From MozillaWiki

Thunder asked me to include a few notes that we discussed on 5/13/10:

  • The symmetric key used to protect the main private key should be obtained from a different derivation chain than the password: if I gave somebody the symmetric key, they must not be able to figure out the password, and vice versa.
  • Each different use to which a hash is put must use a differently-keyed hash.
  • When keying a hash, combine the key and the data-to-be-hashed in a reversible format. "%s%s" % (key,data) is bad, "%s:%s" % (key,data) is ok if the key can never have a colon in it, "%d:%s,%d:%s," % (len(key),key,len(data),data) (i.e. concatenated netstrings) is always safe. This prevents attacks in which two hash-uses can be confused by making data that looks like part of the key.
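An added illustration of the last note, not part of the original discussion and not Weave code: the three combining formats side by side, showing which ones let two different (key, data) pairs hash identically. The key and data values are constructed, and SHA-256 is an assumed choice of hash.

```python
import hashlib

def netstring(b: bytes) -> bytes:
    # "<decimal length>:<bytes>," -- the length prefix fixes the boundary.
    return b"%d:%s," % (len(b), b)

def encode_concat(key: bytes, data: bytes) -> bytes:
    return key + data                      # "%s%s": boundary is lost

def encode_colon(key: bytes, data: bytes) -> bytes:
    return key + b":" + data               # "%s:%s": safe only if key has no colon

def encode_netstrings(key: bytes, data: bytes) -> bytes:
    return netstring(key) + netstring(data)

def decode_netstrings(buf: bytes) -> list[bytes]:
    # Reversibility check: recover the exact fields from the encoded input.
    fields = []
    while buf:
        length, sep, rest = buf.partition(b":")
        if not sep or not length.isdigit():
            raise ValueError("bad length prefix")
        n = int(length)
        if rest[n:n + 1] != b",":
            raise ValueError("missing terminator")
        fields.append(rest[:n])
        buf = rest[n + 1:]
    return fields

def keyed_hash(encode, key: bytes, data: bytes) -> str:
    return hashlib.sha256(encode(key, data)).hexdigest()

def collides(encode, pair_a, pair_b) -> bool:
    # True if two distinct (key, data) pairs produce the same hash.
    return keyed_hash(encode, *pair_a) == keyed_hash(encode, *pair_b)

# Constructed inputs: data crafted to look like part of the key.
SHIFTED = ((b"auth", b"key-data"), (b"authkey", b"-data"))
COLON = ((b"a:b", b"c"), (b"a", b"b:c"))

if __name__ == "__main__":
    print("concat, shifted boundary:", collides(encode_concat, *SHIFTED))
    print("colon, colon in key:     ", collides(encode_colon, *COLON))
    print("netstrings, shifted:     ", collides(encode_netstrings, *SHIFTED))
    print("netstrings, colon in key:", collides(encode_netstrings, *COLON))
    print(decode_netstrings(encode_netstrings(*COLON[0])))
```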