Feature #3122
use scrypt instead of PBKDF2
| Status: | New | Start date: | 03/25/2014 | |
|---|---|---|---|---|
| Priority: | Low | Due date: | ||
| Assignee: | - | % Done: | 0% | |
| Category: | - | |||
| Target version: | future | |||
| Component: |
Description
Using scrypt will provide more secure key stretching and brute force cracking resistance for our users.
Scrypt is more suited to our environment where the disparity between runtime execution performance (dinky mobile hardware) compared to the cracking hardware of the adversary (desktop computers, or super computers) is large.
We need to choose and include a scrypt library as well as determine optimal cost parameters (the equivalent of PBKDF's iteration count). Finally, a migration route will need to be coded.
History
#1 Updated by hans over 3 years ago
- Priority changed from Normal to Low
#2 Updated by hans over 3 years ago
- Target version deleted (
0.2)
#3 Updated by hans over 3 years ago
- Target version set to future