Per-bucket DEKs with HKDF, hashed policy keys to kill enumeration, HMAC audit ch... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		emanuele-em 39 days ago \| parent \| context \| favorite \| on: Show HN: Keeper – embedded secret store for Go (he... Per-bucket DEKs with HKDF, hashed policy keys to kill enumeration, HMAC audit chain. This is the kind of boring-correct crypto design I rarely see in Go libraries. memguard for the master key is a nice touch too.

babawere 39 days ago [–]

I was thinking its better to be boring-correct :)

emanuele-em 39 days ago | [–]

yes I totally agree, my message was a compliment :)

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact