Skip to content

Commit

Permalink
Update README.md
Browse files Browse the repository at this point in the history
  • Loading branch information
@arag0re
arag0re authored Jan 6, 2023
1 parent 493d18b commit f4d9e05
Showing 1 changed file with 0 additions and 68 deletions.
68 changes: 0 additions & 68 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -292,71 +292,3 @@ The above program can be run to generate multiple fields on the command line:
```

The library uses `go modules`; so, it should be straight forward to import and use.


### Using the SRP Raw key to derive session keys
The client and server both derive the same value for RawKey(). This
is the crux of the SRP protocol. Treat this as a \"master key\".
It is not advisable to use the RawKey() for encryption purposes. It
is better to derive a separate key for each direction
(client-\>server and server-\>client). e.g.,:

```go
c2s_k = KDF(rawkey, counter, "C2S")
s2s_k = KDF(rawkey, counter, "S2C")
```

KDF above can be a reputable key derivation function such as PBKDF2
or Scrypt. The \"counter\" is incremented every time you derive a
new key.

*I am not a cryptographer*. Please consult your favorite crypto book
for deriving encryption keys from a master key.

#### Using `scrypt` as the KDF
Here is a example KDF using `scrypt`:

```go
import "golang.org/x/crypto/scrypt"

// Safe values for Scrypt() parameters
const _N int = 65536
const _r int = 1024
const _p int = 64

// Kdf derives a 'sz' byte key for use 'usage'
func Kdf(key []byte, salt []byte, usage string, sz int) []byte {

u0 := []byte(usage)
pw := append(key, u0...)
k, _ := scrypt.Key(pw, salt, _N, _r, _p, sz)
return k
}
```

#### Using `argon2` as the KDF
[Argon](https://tools.ietf.org/html/draft-irtf-cfrg-argon2-03) is
the new state of the art (2018) key derivation algorithm. The
`Argon2id` variant is resistant to timing, side-channel and
Time-memory tradeoff attacks. Here is an example using the `Argon2id`
variant:

```go
import (
"runtime"
"golang.org/x/crypto/argon2"
)

// safe values for IDKey() borrowed from libsodium
const _Time uint32 = 3
const _Mem uint32 = 256 * 1048576 // 256 MB

// Kdf derives a 'sz' byte key for use 'usage'
func Kdf(key, salt []byte, usage string, sz int) []byte {
u0 := []byte(usage)
pw := append(key, u0...)

return argon2.IDKey(pw, salt, _Time, _Mem, runtime.NumCPU(), uint32(sz))
}
```

0 comments on commit f4d9e05

Please sign in to comment.