Author: Jonas Schnelli 2016-06-29 18:34:06
Published on: 2016-06-29T18:34:06+00:00
The security of SHA512 is not significantly higher than SHA256 according to previous crypto analysis results. To drive keys from the ECDH shared secret, HMAC_SHA512 will be used, although HMAC_SHA256 would be sufficient. Using SHA512 allows for two 256bit keys with one HMAC operation. Keccak is an alternative, but introducing another new hash type for encryption may not be desirable. The security of the symmetric cipher key depends largely on the PRNG and ECDH scheme.
Updated on: 2023-06-11T18:52:57.265416+00:00