[issue28384] hmac cannot be used with shake algorithms
Christian Heimes
report at bugs.python.org
Tue Oct 11 05:32:00 EDT 2016
Christian Heimes added the comment:
It's not a bug, but indented behavior. It does not make any sense to use SHAKE with the HMAC construct. In fact it does not make sense to combine Keccak sponge or Blake2 with HMAC at all. HMAC is only necessary for old, Merkle-Damgard hashing algorithms like MD5, SHA1 and SHA2, because they are subject to length extension attacks.
The correct solution is
4. improve documentation
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue28384>
_______________________________________
More information about the Python-bugs-list
mailing list