Re: [Firebird-devel] Passwords and Security, Revisited

2015-08-22 Thread Mark Rotteveel
On 20-8-2015 13:49, James Starkey wrote: > SHA1 produces a 160 bit hash or 2^160 possible values. To search the > hash space, on average you have to try half of these, or 2^159 probes. > A decimal digit requires about three and a half bits, so round that up > to four. So expressing the number of

Re: [Firebird-devel] Passwords and Security, Revisited

2015-08-20 Thread James Starkey
On Thursday, August 20, 2015, Alex Peshkoff wrote: > > > And what about the vault at the client side containing long randomly > generated password for SRP - this is definitely a way to make things not > as bad as they can when verifiers are compromised. I suppose to use this > suggestion in post-

Re: [Firebird-devel] Passwords and Security, Revisited

2015-08-20 Thread Alex Peshkoff
On 08/20/2015 03:11 PM, James Starkey wrote: > On Thursday, August 20, 2015, Alex Peshkoff wrote: > >> On 08/18/2015 12:22 AM, Jim Starkey wrote: >>> Unless it can be guaranteed that SRP verifiers in Firebird are immune >>> to compromised >> What do you mean by 'immune to compromised' here? The ma

Re: [Firebird-devel] Passwords and Security, Revisited

2015-08-20 Thread James Starkey
On Thursday, August 20, 2015, Alex Peshkoff wrote: > On 08/18/2015 12:22 AM, Jim Starkey wrote: > > > > Unless it can be guaranteed that SRP verifiers in Firebird are immune > > to compromised > > What do you mean by 'immune to compromised' here? The main goal of using > SRP as a default authenti

Re: [Firebird-devel] Passwords and Security, Revisited

2015-08-20 Thread James Starkey
On Thursday, August 20, 2015, Mark Rotteveel wrote: > On Wed, 19 Aug 2015 18:17:03 -0400, James Starkey > > wrote: > > A "better" hashing algorithm has no significant effect. The difference > in > > security between a 20 byte hash and a 64 byte hash is 1 / 2^128, a > number > > so small that the

Re: [Firebird-devel] Passwords and Security, Revisited

2015-08-20 Thread Alex Peshkoff
On 08/18/2015 12:22 AM, Jim Starkey wrote: > The theoretical basis of computer security and mutual authentication > is the concept of shared secrets. The most common implementations use > passwords. In Firebird, there are at least two implementations of > password based authentication, SRP veri

Re: [Firebird-devel] Passwords and Security, Revisited

2015-08-20 Thread Mark Rotteveel
On Wed, 19 Aug 2015 18:17:03 -0400, James Starkey wrote: > A "better" hashing algorithm has no significant effect. The difference in > security between a 20 byte hash and a 64 byte hash is 1 / 2^128, a number > so small that there isn't enough computer memory on earth to hold it in > decimal forma

Re: [Firebird-devel] Passwords and Security, Revisited

2015-08-19 Thread James Starkey
On Wednesday, August 19, 2015, Mark Rotteveel wrote: > > > > > In the final analysis, hardening any computing systems requires that the > > most vulnerable links be addressed first. In Firebird, that is the use > > of human chosen passwords. > > Using a client-side password vault is an interesti

Re: [Firebird-devel] Passwords and Security, Revisited

2015-08-19 Thread Mark Rotteveel
On 17-8-2015 23:22, Jim Starkey wrote: > The theoretical basis of computer security and mutual authentication is > the concept of shared secrets. The most common implementations use > passwords. In Firebird, there are at least two implementations of > password based authentication, SRP verifiers a

[Firebird-devel] Passwords and Security, Revisited

2015-08-17 Thread Jim Starkey
The theoretical basis of computer security and mutual authentication is the concept of shared secrets. The most common implementations use passwords. In Firebird, there are at least two implementations of password based authentication, SRP verifiers and irreversible hash algorithms. Each can