This is off topic. There's a password hashing mailing list, I suggest you take your question there:

https://password-hashing.net/interaction.html

Or to one of the general crypto lists:

http://lists.randombit.net/mailman/listinfo/cryptography
http://www.metzdowd.com/mailman/listinfo/cryptography

Trevor

On Fri, Dec 19, 2014 at 9:52 PM, Tao Effect <[email protected]> wrote:
> Question for the crypto-gurus out there (skip to TLDR if you want).
>
> What is the best practice (for today) when dealing with passwords over
> websites, given the following context and assumptions:
>
> Context:
>
> - Hashed/encrypted passwords stored in server database
> - User enters password in form and sends to server over HTTPS
> - KDF algorithm shouldn't run for more than 2 seconds on any modern mobile
> device
>
> Assumptions:
>
> - It is better to send the encrypted password over the wire than the
> password itself
>
> Known knowns:
>
> - Server can run all three KDFs natively.
> - Clients (web browsers) can only run PBKDF2 natively for browsers that
> support that part of the WebCrypto spec
>
> TLDR:
>
> That last part is the crux of the question: since only PBKDF2 (might) be
> supported natively, and scrypt/bcrypt are forced to run in JS, does that
> imply that in the case of login forms PBKDF2 is actually /more secure/ than
> scrypt/bcrypt given our 2 second runtime constraint?
>
> How do I even begin to test/validate this question?
>
> Many thanks!
>
> Greg Slepak
>
> --
> Please do not email me anything that you are not comfortable also sharing
> with the NSA.
>
>
> _______________________________________________
> Messaging mailing list
> [email protected]
> https://moderncrypto.org/mailman/listinfo/messaging
