I'm trying to implement hash-based authentication using the 'tree-chaining' structure described in http://ift.tt/1QVvMeW or http://ift.tt/153bvc2
For this I'd need a (deterministic) PRNG capable of producing a huge amount of private keys from a seed/key and an index into the private key list. I was thinking to simply Hash(secretkey + index) to generate the keys but after reading some NIST recommendations for PRNGs I wonder if there's a better/more secure way? Are there any serious issues with this Hash(secretkey + index) approach assuming sha-3 as the hashing function?
Thanks
Aucun commentaire:
Enregistrer un commentaire