CLI Client for a Cryptographic Web Application

This is a long one. I write a new client for a real world E2E encrypted file transfer solution.

#aes #cryptography #hkdf #sha-256 #hash #hmac

https://youtu.be/GQBbgmbR1Ck

HKDF is commonly used to derive key material just in time for its application. However, as a cryptography tool, HKDF is severely under documented and lacks prescriptive examples for intended use.

A large-tech blog shared their HKDF application and I identify several issues with its implementation. Inside is an anonymized version with critiques and improvements.

Tags: #cryptography #hkdf #blog #engineering #security

https://cendyne.dev/posts/2023-01-30-how-to-use-hkdf.html