The FIPS Compliance of HKDF

from blog Filippo Valsorda, | ↗ original
The FIPS compliance of HKDF is a somewhat confusing and controversial topic, partially because the normative reference is split over at least four separate documents, but in practice it’s approved for almost any purpose.
This is a short summary. ↗ Open original to view full content

Related

PRFs, PRPs and other fantastic things
A Few Thoughts on Cryptographic Engineering | original ↗
XAES-256-GCM
Filippo Valsorda | original ↗
Post-quantum Cryptography for the Go Ecosystem
Filippo Valsorda | original ↗
From U2F to passkeys
ImperialViolet | original ↗
Yubikey/Smartcard backed TLS servers
benjojo blog | original ↗
NIST's cryptographic standardization process
cr.yp.to blog | original ↗
PostgreSQL and FIPS mode
Peter Eisentraut | original ↗
Let’s All Agree to Use Seeds as ML-KEM Keys
Filippo Valsorda | original ↗
BIND9 dnssec-policy appendices
Tony Finch's blog | original ↗
Gear Hashing for Content-Defined Chunking
Joshleeb | original ↗

More from Filippo Valsorda

Accumulated Test Vectors
9 Oct 2024 | original ↗

Accumulated test vectors make it possible to run large sets of random known-answer tests without checking in large assets.

Let’s All Agree to Use Seeds as ML-KEM Keys
21 Aug 2024 | original ↗

ML-KEM private key seeds are vastly preferable to expanded decapsulation keys as a storage format. A plea to standardize on them.

age Plugins
17 Jul 2024 | original ↗

The age plugin system allows integrating third-party recipient types at the CLI level. A new framework makes it easy to implement plugins.

Geomys, a blueprint for a sustainable open source maintenance firm
8 Jul 2024 | original ↗

Announcing Geomys, a small firm of professional maintainers with a portfolio of critical Go projects.

XAES-256-GCM
26 Jun 2024 | original ↗

XAES-256-GCM is a new AEAD extended-nonce algorithm designed for high-level APIs and FIPS 140 compliance.