On Sat, Jan 17, 2015 at 3:07 AM, Watson Ladd <[email protected]> wrote: > > It's important to note that the attacks are parallel: I can get > everyone using "Bob is my uncle" as a passphrase with one go. This is > because minilock doesn't have a concept of user identity beyond the > public key. This makes the attack much more productive than when > attacking salted passwords.
Not true - the password hashes are salted: miniLock asks for your email address, Peerio uses the user ID. Trevor _______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
