From: Tyler Hicks <tyhicks@canonical.com>
To: Wiebe Cazemier <wiebe@halfgaar.net>
Cc: Sylvain Pelissier <sylvain.pelissier@gmail.com>,
ecryptfs@vger.kernel.org
Subject: Re: bcrypt or other key derivation algorithm
Date: Fri, 29 Jan 2016 16:34:34 -0600 [thread overview]
Message-ID: <20160129223434.GC15683@boyd> (raw)
In-Reply-To: <2036538347.232681.1453192534353.JavaMail.zimbra@halfgaar.net>
[-- Attachment #1: Type: text/plain, Size: 2591 bytes --]
On 2016-01-19 09:35:34, Wiebe Cazemier wrote:
> ----- Original Message -----
> > From: "Sylvain Pelissier" <sylvain.pelissier@gmail.com>
> > To: "Wiebe Cazemier" <wiebe@halfgaar.net>
> > Cc: ecryptfs@vger.kernel.org
> > Sent: Monday, 18 January, 2016 12:00:36 PM
> > Subject: Re: bcrypt or other key derivation algorithm
> >
> > Hi,
> >
> > I think it is a good idea to support stronger algorithms. As a new
> > hashing algorithm, you can also consider Argon2 algorithm, the winner
> > of the Password hashing compettion (https://password-hashing.net/).
> > The implementation is already available:
> > https://github.com/p-h-c/phc-winner-argon2.
> > Reagrds
> >
> > Sylvain
>
> That's interesting. I wonder why nobody is talking about it. Bcrypt and scrypt are all the rage, and even those are not fully trusted by all, because they haven't withstood the test of time.
>
> Question remains though, I can't implement it without knowing what to do with the v2 wrapped passphrase file. I can think of something myself, but I'd rather do something that I know won't be rejected :)
>
> From the source code:
>
> * Reads a version 2 wrapped passphrase file containing the following format:
> *
> * Octet 0: A ':' character
> * Octet 1: uint8_t value indicating file version (MUST be 0x02)
> * Octets 2-9: Wrapping salt
> * Octets 10-25: Signature of wrapping key (16 octets)
> * Octets 26-N1: Variable length field containing the encrypted
> * passphrase. (Up to 64 octets. Must be non-empty.)
>
> Would a v3 be in order?:
>
> * Octet 0: A ':' character
> * Octet 1: uint8_t value indicating file version (MUST be 0x03)
> * Octet 2: uint8_t id of hashing algorithm.
Don't you mean KDF instead of hashing algorithm here? (scrypt, PBKDF2,
etc.)
> * Octets 3-10: Wrapping salt
> * Octets 11-26: Signature of wrapping key (16 octets)
> * Octets 27-N1: Variable length field containing the encrypted
> * passphrase. (Up to 64 octets. Must be non-empty.)
If octet 2 is KDF instead of hashing algorithm, octets 3-N1 are going
to vary based on the KDF used. For instance, scrypt will need to store
the values of N, r, and p while PBKDF2 will need to store the number of
iterations.
Tyler
>
>
> Regards,
>
> Wiebe
> --
> To unsubscribe from this list: send the line "unsubscribe ecryptfs" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 819 bytes --]
next prev parent reply other threads:[~2016-01-29 22:34 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <148109963.231852.1453113382610.JavaMail.zimbra@halfgaar.net>
2016-01-18 10:51 ` bcrypt or other key derivation algorithm Wiebe Cazemier
2016-01-18 11:00 ` Sylvain Pelissier
2016-01-19 8:35 ` Wiebe Cazemier
2016-01-29 22:34 ` Tyler Hicks [this message]
2016-02-01 9:50 ` Wiebe Cazemier
2016-01-20 2:54 ` Tyler Hicks
2016-01-20 2:48 ` Tyler Hicks
2016-01-20 19:33 ` Wiebe Cazemier
2016-01-29 22:19 ` Tyler Hicks
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160129223434.GC15683@boyd \
--to=tyhicks@canonical.com \
--cc=ecryptfs@vger.kernel.org \
--cc=sylvain.pelissier@gmail.com \
--cc=wiebe@halfgaar.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).