open-quantum-safe / liboqs-python

Python 3 bindings for liboqs
https://openquantumsafe.org/
MIT License

Question: Can shared secret obtained from in examples/kem.py used as session key? #54

Closed evil-user closed 2 years ago

evil-user commented 2 years ago

Hi, I am curious if the shared secret obtained from line 31 in example/kem.py:

    # the server encapsulates its secret using the client's public key
    ciphertext, shared_secret_server = server.encap_secret(public_key)

can be directly used as a session key for symmetric-key crypto like AES, or if I should use a KDF like argon2 to make it suitable as a session key.

dstebila commented 2 years ago

Generally it's suitable to be used directly as the key for a symmetric encryption scheme like AES. If you need multiple keys (e.g., one for AES and one for HMAC) then you should use a KDF to turn one key into two. There's no need to use a slow password-oriented KDF like argon2; HKDF would be fine.
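An added example (not part of this issue or of liboqs-python) of the KDF step described in the answer above: an RFC 5869 HKDF built from the Python standard library, used to split one KEM shared secret into an AES-256 key and an HMAC key, and checked against the RFC's first test vector. The `SHARED_SECRET` value is a constructed stand-in for `shared_secret_server`; `derive_session_keys` and its `context` argument are names chosen for this example.

```python
import hashlib
import hmac

HASH = "sha256"
HASH_LEN = hashlib.new(HASH).digest_size  # 32 bytes for SHA-256

def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869 2.2): PRK = HMAC-Hash(salt, IKM); empty salt -> zeros."""
    return hmac.new(salt or bytes(HASH_LEN), ikm, HASH).digest()

def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869 2.3): T(i) = HMAC-Hash(PRK, T(i-1) | info | i)."""
    if length > 255 * HASH_LEN:
        raise ValueError("HKDF-Expand output is limited to 255 * HASH_LEN bytes")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]

def derive_session_keys(shared_secret: bytes, context: bytes):
    """Turn one KEM shared secret into a 32-byte AES-256 key and a 32-byte HMAC key.
    `context` (e.g. protocol name and transcript hash) domain-separates the output so
    the same secret cannot yield the same keys in two different protocols."""
    prk = hkdf_extract(b"", shared_secret)
    okm = hkdf_expand(prk, b"session keys " + context, 2 * 32)
    return okm[:32], okm[32:]

def rfc5869_test_case_1_passes() -> bool:
    """Check the HKDF code against RFC 5869 Appendix A, test case 1 (SHA-256)."""
    ikm, salt, info = bytes([0x0B] * 22), bytes(range(0x0D)), bytes(range(0xF0, 0xFA))
    okm = hkdf_expand(hkdf_extract(salt, ikm), info, 42)
    return okm == bytes.fromhex(
        "3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865")

# Constructed stand-in for shared_secret_server from examples/kem.py; in real use pass
# the bytes returned by server.encap_secret(public_key) (or the client's decap) instead.
SHARED_SECRET = hashlib.sha256(b"constructed demo secret, not a KEM output").digest()

if __name__ == "__main__":
    aes_key, mac_key = derive_session_keys(SHARED_SECRET, b"demo protocol v1")
    print("HKDF self-test passes:", rfc5869_test_case_1_passes())
    print("AES-256 key:", aes_key.hex())
    print("HMAC key:", mac_key.hex())
```

If only one key is needed, the 32-byte KEM secret can be used as the AES-256 key directly, as the answer says; the split above is for the two-key case.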