Hardened derivation and forward secrecy #135

Open
fjarri opened this issue Jul 18, 2024 · 0 comments
Labels
cryptography Needs cryptographic expertise
fjarri commented Jul 18, 2024

In #132 we introduced BIP32 derivation for non-hardened paths. I am not sure if it is possible to support hardened derivation, and what kind of secret data we would use in this case. Maybe rid? (see #134 as well)

Also this seems to be connected to the issue of forward secrecy. Do we need hardened derivation for forward secrecy, or are there other ways to do it? Can we have both forward secrecy, and child public keys being derivable by a third party?

[This paper](https://eprint.iacr.org/2021/1287.pdf) proposes a stateful derivation: after a child key is derived, the node's state is bumped (end of Section 4.2). So when a child key is compromised, it compromises only the keys that were derived after it.

@fjarri fjarri added the cryptography Needs cryptographic expertise label Jul 18, 2024
@fjarri fjarri added this to the v1.0.0 milestone Jul 18, 2024