Re: [kitten] Password KDF settings on draft-ietf-kitten-password-storage-01

steve@tobtu.com Wed, 04 November 2020 00:56 UTC

Date: Tue, 03 Nov 2020 18:56:35 -0600
From: steve@tobtu.com
To: "kitten@ietf.org" <kitten@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/kitten/5FY1l0QZ9tQuFCZNj4MZcHpQ05o>

Oops, I didn't reply on list:

> On 11/03/2020 5:39 PM steve@tobtu.com wrote:
> 
> > On 11/01/2020 4:10 AM Sam Whited <sam@samwhited.com> wrote:
> > 
> > On Sat, Oct 31, 2020, at 21:01, steve@tobtu.com wrote:
> > > Note that the recommendation from OWASP for bcrypt was briefly changed
> > > to cost 12 by one person and switched back to cost 10. Their defense
> > > cited your draft as why to keep it at cost 12. Until I pointed out
> > > that they are now citing each other.
> > 
> > Oh yes, that's definitely not good; the document I see
> > (https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#bcrypt)
> > still shows 12 though, do they have other recommendations listed
> > somewhere else?
> 
> If you are taking bcrypt cost 12 from OWASP, then you should take PBKDF2 100,000 iterations too, since those are the "well, if you can, go for these numbers". Just a reminder: bcrypt cost is exponential, so cost 12 is 16 times harder than cost 8, and cost 8 is equivalent to PBKDF2-SHA256 300,000 iterations. Note both cost 8 and 300,000 iterations are just over 10 kH/s/GPU and thus are considered not good.
> 
> "The default work factor for Bcrypt is 10, and this should generally be raised to 12 unless operating on older or lower-powered systems."
> 
> "The work factor for PBKDF2 is implemented through the iteration count, which should be at least 10,000 (although values of up to 100,000 may be appropriate in higher security environments)."
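The equivalence stated in the reply (bcrypt cost 8, PBKDF2-SHA256 at 300,000 iterations, both just over 10 kH/s per GPU, with bcrypt work doubling per cost step) turned into a small audit helper for stored hashes; this is an added example, not code from the thread or from OWASP, and it assumes bcrypt's `$2x$NN$` prefix and a Django-style `pbkdf2_sha256$ITERS$salt$hash` layout.

```python
import math
import re

# Figures stated in the thread (not measured here): bcrypt cost 8 is roughly
# PBKDF2-SHA256 at 300,000 iterations, and both sit just over 10 kH/s per GPU.
# bcrypt work doubles with every +1 of cost; PBKDF2 work is linear in iterations.
ANCHOR_BCRYPT_COST = 8
ANCHOR_PBKDF2_ITERS = 300_000
ANCHOR_GPU_RATE = 10_000  # hashes/second/GPU, approximate

def bcrypt_work(cost):
    """Work relative to the cost-8 anchor: 2^(cost-8)."""
    return 2 ** (cost - ANCHOR_BCRYPT_COST)

def pbkdf2_work(iterations):
    """Work relative to the 300,000-iteration anchor."""
    return iterations / ANCHOR_PBKDF2_ITERS

def bcrypt_cost_to_pbkdf2_iters(cost):
    """PBKDF2-SHA256 iteration count with the same work as a bcrypt cost."""
    return ANCHOR_PBKDF2_ITERS * bcrypt_work(cost)

def pbkdf2_iters_to_bcrypt_cost(iterations):
    """Fractional bcrypt cost with the same work as an iteration count."""
    return ANCHOR_BCRYPT_COST + math.log2(pbkdf2_work(iterations))

def audit_hash(stored):
    """Classify one stored hash string against the thread's 10 kH/s/GPU line.

    Assumed formats: bcrypt '$2b$NN$...' and Django-style 'pbkdf2_sha256$ITERS$salt$hash'.
    """
    m = re.match(r"^\$2[abxy]\$(\d{2})\$", stored)
    if m:
        scheme, param, work = "bcrypt", int(m.group(1)), bcrypt_work(int(m.group(1)))
    else:
        m = re.match(r"^pbkdf2_sha256\$(\d+)\$", stored)
        if not m:
            raise ValueError("unrecognised hash format")
        scheme, param, work = "pbkdf2_sha256", int(m.group(1)), pbkdf2_work(int(m.group(1)))
    return {
        "scheme": scheme,
        "param": param,
        "work": work,                        # relative to the anchor
        "gpu_rate": ANCHOR_GPU_RATE / work,  # estimated H/s/GPU
        "at_or_below_floor": work <= 1,      # the anchor itself is "not good"
    }

if __name__ == "__main__":
    # Constructed sample rows, not real credentials.
    for h in ("$2b$12$" + "x" * 53, "$2b$08$" + "x" * 53, "pbkdf2_sha256$100000$c2FsdA$aGFzaA"):
        print(audit_hash(h))
```

Run over a dump of your own hash column, it shows which rows still sit at or below the cost-8 / 300,000-iteration line the thread calls not good, and how OWASP's 100,000 PBKDF2 iterations compare to a bcrypt cost on the same scale.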