The FIPS Compliance of HKDF

from blog Filippo Valsorda, | ↗ original
The FIPS compliance of HKDF is a somewhat confusing and controversial topic, partially because the normative reference is split over at least four separate documents, but in practice it’s approved for almost any purpose.
This is a short summary. ↗ Open original to view full content

Related

PostgreSQL and FIPS mode
Peter Eisentraut | original ↗
From U2F to passkeys
ImperialViolet | original ↗
Sign and Verify Messages with HMAC Using the Web Crypto API
bradyjoslin.com | original ↗
BIND9 dnssec-policy appendices
Tony Finch's blog | original ↗
Gear Hashing for Content-Defined Chunking
Joshleeb | original ↗
PRFs, PRPs and other fantastic things
A Few Thoughts on Cryptographic Engineering | original ↗
Yubikey/Smartcard backed TLS servers
benjojo blog | original ↗
Security means securing people where they are
ENOSUCHBLOG | original ↗
MTA-STS is Stupid
Kevin Cox's Blog | original ↗
NIST's cryptographic standardization process
cr.yp.to blog | original ↗

More from Filippo Valsorda

Benchmarking RSA Key Generation
31 Dec 2024 | original ↗

RSA key generation is conceptually simple, but extremely tricky. Even benchmarking involves math: we generated a stable but representative “average case” instead of using the ordinary statistical approach.

frood, an Alpine initramfs NAS
5 Dec 2024 | original ↗

My NAS is just one big initramfs containing a whole Alpine Linux system. It’s delightful. Here's why and how.

Accumulated Test Vectors
9 Oct 2024 | original ↗

Accumulated test vectors make it possible to run large sets of random known-answer tests without checking in large assets.

Let’s All Agree to Use Seeds as ML-KEM Keys
21 Aug 2024 | original ↗

ML-KEM private key seeds are vastly preferable to expanded decapsulation keys as a storage format. A plea to standardize on them.

age Plugins
17 Jul 2024 | original ↗

The age plugin system allows integrating third-party recipient types at the CLI level. A new framework makes it easy to implement plugins.