credit David Wong

4 years ago · f8e4bdfbaf
parent c196cbcf42
commit f8e4bdfbaf
1 changed files with 3 additions and 0 deletions
--- a/proposals/xxxx-sas-v2.md
+++ b/proposals/xxxx-sas-v2.md
@ -11,6 +11,9 @@ generation of the SAS string by including it in the info parameter of the HKDF.
 Thus if an attacker sends them different public keys, the info parameters will
 be different, and so the key generated by the HKDF will be different.

+Thanks to [David Wong](https://twitter.com/cryptodavidw) for identifying the
+issue, disclosing responsibly, and for helping to design the fix.
+
 ## Proposal

 A new `key_agreement_protocol`, `curve25519-hkdf-sha256` is introduced, and