Open tireddy2 opened 11 months ago
sk = HKDF-Expand-Label(dh-secret, "DH-derived key", "", Hash.length)
application_traffic_secret_N+1 = HKDF-Expand-Label(application_traffic_secret_N, "traffic upd 2", sk, Hash.length)
Assuming the application_traffic_secret_N is already exfiltrated by the attacker, why is the "sk" not used as the PRK input?
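The two derivations quoted in the issue, as an added Python example that is not part of the original issue or of the draft's own code. It assumes SHA-256 as the hash and the HKDF-Expand-Label encoding from RFC 8446 section 7.1; the secrets are constructed sample values, and `next_traffic_secret` is a name chosen here. In this arrangement the old traffic secret is the HKDF key (PRK) and `sk` enters only through the context field of the label.

```python
import hashlib
import hmac
import struct

HASH = hashlib.sha256            # assumption: the negotiated hash is SHA-256
HASH_LEN = HASH().digest_size    # Hash.length in the issue's notation


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand from RFC 5869: T(i) = HMAC(PRK, T(i-1) || info || i)."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        out += block
        counter += 1
    return out[:length]


def hkdf_expand_label(secret: bytes, label: str, context: bytes, length: int) -> bytes:
    """HKDF-Expand-Label from RFC 8446 section 7.1.

    HkdfLabel = uint16 length || len-prefixed "tls13 " + label || len-prefixed context
    """
    full_label = b"tls13 " + label.encode("ascii")
    info = (struct.pack(">H", length)
            + bytes([len(full_label)]) + full_label
            + bytes([len(context)]) + context)
    return hkdf_expand(secret, info, length)


def next_traffic_secret(traffic_secret_n: bytes, dh_secret: bytes) -> bytes:
    """The two lines from the issue: derive sk, then mix it in as label context."""
    sk = hkdf_expand_label(dh_secret, "DH-derived key", b"", HASH_LEN)
    return hkdf_expand_label(traffic_secret_n, "traffic upd 2", sk, HASH_LEN)


if __name__ == "__main__":
    # Constructed sample values, not taken from any real session.
    secret_n = bytes(range(32))
    fresh_dh = b"\x11" * 32
    print(next_traffic_secret(secret_n, fresh_dh).hex())
```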