Difference between revisions of "Password Key Derivation Function"

From SQRLauth.net
Jump to: navigation, search
(Created page with "Category:Safeguards=== Threat Model ===Possibility of an attacker using brute force guessing a collision of the client identity file pass-phrase hash. === Assisting Safegu...")
 
m
 
Line 1: Line 1:
[[Category:Safeguards]]=== Threat Model ===Possibility of an attacker using brute force guessing a collision of the client identity file pass-phrase hash. === Assisting Safeguards ===Structure of existing PBKDF2 algorithm with minor changes to prevent parallel processing and provide iteration counter for timed operation.
+
[[Category:Safeguards]]
Scrypt Memory and CPU hard hash function tuned to exclude using existing GPU/FPGA hardware, L1/2/3 CPU caches for fast/cheap computation, while allowing existing CPU and RAM architectures.=== Requirements ===A way to deterministically generate a hash from a given pass-phrase such that the algorithm is slow on the target platform (~1 Second) and cannot be significantly accelerated without an investment beyond the practical reach of any nation state.=== Methods ===
+
=== Threat Model ===
 +
Possibility of an attacker using brute force guessing a collision of the client identity file pass-phrase hash.
 +
=== Assisting Safeguards ===
 +
Structure of existing PBKDF2 algorithm with minor changes to prevent parallel processing and provide iteration counter for timed operation.
 +
Scrypt Memory and CPU hard hash function tuned to exclude using existing GPU/FPGA hardware, L1/2/3 CPU caches for fast/cheap computation, while allowing existing CPU and RAM architectures.
 +
=== Requirements ===
 +
A way to deterministically generate a hash from a given pass-phrase such that the algorithm is slow on the target platform (~1 Second) and cannot be significantly accelerated without an investment beyond the practical reach of any nation state.
 +
=== Methods ===
 
[[EnScrypt]]
 
[[EnScrypt]]

Latest revision as of 20:59, 26 March 2015

Contents

Threat Model

Possibility of an attacker using brute force guessing a collision of the client identity file pass-phrase hash.

Assisting Safeguards

Structure of existing PBKDF2 algorithm with minor changes to prevent parallel processing and provide iteration counter for timed operation. Scrypt Memory and CPU hard hash function tuned to exclude using existing GPU/FPGA hardware, L1/2/3 CPU caches for fast/cheap computation, while allowing existing CPU and RAM architectures.

Requirements

A way to deterministically generate a hash from a given pass-phrase such that the algorithm is slow on the target platform (~1 Second) and cannot be significantly accelerated without an investment beyond the practical reach of any nation state.

Methods

EnScrypt