Password Key Derivation Function

Jump to: navigation, search


Threat Model

Possibility of an attacker using brute force guessing a collision of the client identity file pass-phrase hash.

Assisting Safeguards

Structure of existing PBKDF2 algorithm with minor changes to prevent parallel processing and provide iteration counter for timed operation. Scrypt Memory and CPU hard hash function tuned to exclude using existing GPU/FPGA hardware, L1/2/3 CPU caches for fast/cheap computation, while allowing existing CPU and RAM architectures.


A way to deterministically generate a hash from a given pass-phrase such that the algorithm is slow on the target platform (~1 Second) and cannot be significantly accelerated without an investment beyond the practical reach of any nation state.