On 14:14 Mon 16 Mar , Jan Lübbe wrote:
> On Mo, 2015-03-16 at 13:10 +0100, Jean-Christophe PLAGNIOL-VILLARD wrote:
> > On 12:58 Mon 16 Mar , Jan Lübbe wrote:
> > > > > > Personnaly I'll prefer
> > > > > >
> > > > > > a random 64 bytes | sha256 | take first 32bytes. | pbkdf2 1
> > > >
On Mo, 2015-03-16 at 13:10 +0100, Jean-Christophe PLAGNIOL-VILLARD wrote:
> On 12:58 Mon 16 Mar , Jan Lübbe wrote:
> > > > > Personnaly I'll prefer
> > > > >
> > > > > a random 64 bytes | sha256 | take first 32bytes. | pbkdf2 1 round
> > > >
> > > > Running SHA-256 on random data is usele
On 12:58 Mon 16 Mar , Jan Lübbe wrote:
> On Mo, 2015-03-16 at 12:52 +0100, Jean-Christophe PLAGNIOL-VILLARD
> wrote:
> > On 12:41 Mon 16 Mar , Jan Lübbe wrote:
> > > On Mo, 2015-03-16 at 12:25 +0100, Jean-Christophe PLAGNIOL-VILLARD wrote:
> > > > > Yes, definitely. We must use the algorith
On Mo, 2015-03-16 at 12:52 +0100, Jean-Christophe PLAGNIOL-VILLARD
wrote:
> On 12:41 Mon 16 Mar , Jan Lübbe wrote:
> > On Mo, 2015-03-16 at 12:25 +0100, Jean-Christophe PLAGNIOL-VILLARD wrote:
> > > > Yes, definitely. We must use the algorithms as they are intended to be
> > > > used.
> > > >
On 12:41 Mon 16 Mar , Jan Lübbe wrote:
> On Mo, 2015-03-16 at 12:25 +0100, Jean-Christophe PLAGNIOL-VILLARD wrote:
> > > Yes, definitely. We must use the algorithms as they are intended to be
> > > used.
> > >
> > > If we try to move users away from RSA2048 because it will be vulnerable
> > >
On Mo, 2015-03-16 at 12:25 +0100, Jean-Christophe PLAGNIOL-VILLARD wrote:
> > Yes, definitely. We must use the algorithms as they are intended to be
> > used.
> >
> > If we try to move users away from RSA2048 because it will be vulnerable
> > in the future, we should not go against established pra
On 12:05 Mon 16 Mar , Jan Lübbe wrote:
> On Mo, 2015-03-16 at 12:01 +0100, Jean-Christophe PLAGNIOL-VILLARD wrote:
> > On 11:49 Mon 16 Mar , Jan Lübbe wrote:
> > > On Mo, 2015-03-16 at 11:15 +0100, Jean-Christophe PLAGNIOL-VILLARD wrote:
> > > > We will use "barebox_password" as salt and 10
On Mo, 2015-03-16 at 12:01 +0100, Jean-Christophe PLAGNIOL-VILLARD wrote:
> On 11:49 Mon 16 Mar , Jan Lübbe wrote:
> > On Mo, 2015-03-16 at 11:15 +0100, Jean-Christophe PLAGNIOL-VILLARD wrote:
> > > We will use "barebox_password" as salt and 1 round to generate a
> > > 64 bytes key.
> >
>
On 11:49 Mon 16 Mar , Jan Lübbe wrote:
> On Mo, 2015-03-16 at 11:15 +0100, Jean-Christophe PLAGNIOL-VILLARD wrote:
> > We will use "barebox_password" as salt and 1 round to generate a
> > 64 bytes key.
>
> The purpose of a salt is to protect a against dictionary or
> rainbow-table (precomp
On Mo, 2015-03-16 at 11:15 +0100, Jean-Christophe PLAGNIOL-VILLARD wrote:
> We will use "barebox_password" as salt and 1 round to generate a
> 64 bytes key.
The purpose of a salt is to protect a against dictionary or
rainbow-table (precomputed) attacks. That means that the Salt must be
randoml
We will use "barebox_password" as salt and 1 round to generate a
64 bytes key.
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD
---
common/Kconfig| 4 +++
common/password.c | 79 +++
2 files changed, 55 insertions(+), 28 deletions(-)
d
11 matches
Mail list logo
