public inbox for ecryptfs@vger.kernel.org
From: Tyler Hicks <tyhicks@canonical.com>
To: Sylvain Pelissier <sylvain.pelissier@gmail.com>
Cc: Wiebe Cazemier <wiebe@halfgaar.net>, ecryptfs@vger.kernel.org
Subject: Re: bcrypt or other key derivation algorithm
Date: Tue, 19 Jan 2016 20:54:42 -0600
Message-ID: <20160120025442.GB5623@boyd>
In-Reply-To: <CAOkUe-DgVJ6DPaL0UnTM7T1FzDEvWV6_HwsSvVDVTj5F_JW6vg@mail.gmail.com>


While it would be nice in some ways to be on the cutting edge of things,
I'd prefer to stick with something more widely used today (bcrypt,
scrypt, PBKDF2) while ensuring that the design allows for easily
extending to something like argon2.

Tyler

On 2016-01-18 12:00:36, Sylvain Pelissier wrote:
> Hi,
> 
> I think it is a good idea to support stronger algorithms. As a new
> hashing algorithm, you can also consider Argon2 algorithm, the winner
> of the Password hashing competition (https://password-hashing.net/).
> The implementation is already available:
> https://github.com/p-h-c/phc-winner-argon2.
> Regards
> 
> Sylvain
> 
> On 18 January 2016 at 11:51, Wiebe Cazemier <wiebe@halfgaar.net> wrote:
> > Hi,
> >
> > What are the thoughts on implementing bcrypt as key derivation algorithm? I already found a TODO in the code that ecryptfs should support more algorithms than just SHA512 * 65536. I tried brute forcing this, and got no further than about 20/s, but on FPGAs/GPUs this would be a lot faster.
> >
> > It should be easy enough to borrow code from OpenSSH, which uses bcrypt in their secure new private key file format (ssh-keygen -o; their old format is pretty weak (MD5 once, encrypt with AES 128)).
> >
> > Questions:
> >
> > 1) The v2 wrapped does not have a field to indicate which algorithm is used (like /etc/shadow (crypt API) has). Does this necessitate a v3, which does have said field?
> >
> > 2) Are there objections to including BSD licensed code from OpenSSH?
> >
> > Regards,
> >
> > Wiebe
> > --
> > To unsubscribe from this list: send the line "unsubscribe ecryptfs" in
> > the body of a message to majordomo@vger.kernel.org
> > More majordomo info at  http://vger.kernel.org/majordomo-info.html

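Added example, not part of the original thread and not eCryptfs code: one way the algorithm field asked about in question 1 could let the stored header select the KDF, so that a later algorithm such as Argon2 becomes one more table entry. The header layout, magic value, KDF ids and cost bounds are all assumptions made up for illustration, and the iterated SHA-512 function is a simplified stand-in for the scheme the thread calls "SHA512 * 65536".

```python
import hashlib
import os
import struct

# Hypothetical layout: magic(4) | kdf_id(1) | cost(4, big-endian) | salt(16)
MAGIC = b"WPv3"  # constructed value, not a real eCryptfs magic
HEADER = struct.Struct(">4sBI16s")

def sha512_iterated(pw, salt, cost):
    # Simplified stand-in for the legacy iterated-hash scheme.
    digest = hashlib.sha512(salt + pw).digest()
    for _ in range(cost):
        digest = hashlib.sha512(digest).digest()
    return digest[:32]

def pbkdf2(pw, salt, cost):
    return hashlib.pbkdf2_hmac("sha512", pw, salt, cost, dklen=32)

def scrypt(pw, salt, cost):
    # cost is log2(N); r=8, p=1 and maxmem are constructed example parameters.
    return hashlib.scrypt(pw, salt=salt, n=1 << cost, r=8, p=1,
                          maxmem=128 * 1024 * 1024, dklen=32)

# kdf_id -> (function, lowest accepted cost, highest accepted cost).
# Bounds are illustrative: the floor rejects weakened headers, the ceiling
# stops a tampered header from forcing an unbounded computation.
KDFS = {
    1: (sha512_iterated, 65536, 1 << 24),
    2: (pbkdf2, 100_000, 10_000_000),
    3: (scrypt, 14, 16),
}

def make_header(kdf_id, cost, salt=None):
    """Serialize a header; does not validate, so callers can test rejection."""
    return HEADER.pack(MAGIC, kdf_id, cost, salt or os.urandom(16))

def derive_key(passphrase, header):
    """Parse the header and derive a 32-byte wrapping key, failing closed."""
    if len(header) != HEADER.size:
        raise ValueError("truncated or oversized header")
    magic, kdf_id, cost, salt = HEADER.unpack(header)
    if magic != MAGIC:
        raise ValueError("not a v3 header")
    if kdf_id not in KDFS:
        raise ValueError("unsupported KDF id %d" % kdf_id)
    kdf, lowest, highest = KDFS[kdf_id]
    if not lowest <= cost <= highest:
        raise ValueError("cost %d outside accepted range" % cost)
    return kdf(passphrase, salt, cost)
```

Because the cost and algorithm id are read from stored data, the range check runs before any hashing starts.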

Thread overview: 9+ messages
     [not found] <148109963.231852.1453113382610.JavaMail.zimbra@halfgaar.net>
2016-01-18 10:51 ` bcrypt or other key derivation algorithm Wiebe Cazemier
2016-01-18 11:00   ` Sylvain Pelissier
2016-01-19  8:35     ` Wiebe Cazemier
2016-01-29 22:34       ` Tyler Hicks
2016-02-01  9:50         ` Wiebe Cazemier
2016-01-20  2:54     ` Tyler Hicks [this message]
2016-01-20  2:48   ` Tyler Hicks
2016-01-20 19:33     ` Wiebe Cazemier
2016-01-29 22:19       ` Tyler Hicks
