credit David Wong

pull/2630/head
Hubert Chathi 4 years ago
parent c196cbcf42
commit f8e4bdfbaf

@ -11,6 +11,9 @@ generation of the SAS string by including it in the info parameter of the HKDF.
Thus if an attacker sends them different public keys, the info parameters will
be different, and so the key generated by the HKDF will be different.
Thanks to [David Wong](https://twitter.com/cryptodavidw) for identifying the
issue, disclosing responsibly, and for helping to design the fix.
## Proposal
A new `key_agreement_protocol`, `curve25519-hkdf-sha256` is introduced, and

Loading…
Cancel
Save