Re: [kitten] Comments on draft-ietf-kitten-password-storage-04
Sam Whited <sam@samwhited.com> Thu, 01 April 2021 22:57 UTC
Return-Path: <sam@samwhited.com>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id 264533A26C2
for <kitten@ietfa.amsl.com>; Thu, 1 Apr 2021 15:57:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.119
X-Spam-Level:
X-Spam-Status: No, score=-2.119 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001,
RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001,
URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key)
header.d=samwhited.com header.b=mIMCcdjs;
dkim=pass (2048-bit key)
header.d=messagingengine.com header.b=L+KimSAF
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id yx7ZOlSbPU7q for <kitten@ietfa.amsl.com>;
Thu, 1 Apr 2021 15:57:49 -0700 (PDT)
Received: from out2-smtp.messagingengine.com (out2-smtp.messagingengine.com
[66.111.4.26])
(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id 61EC13A26C0
for <kitten@ietf.org>; Thu, 1 Apr 2021 15:57:49 -0700 (PDT)
Received: from compute4.internal (compute4.nyi.internal [10.202.2.44])
by mailout.nyi.internal (Postfix) with ESMTP id 9137F5C009F
for <kitten@ietf.org>; Thu, 1 Apr 2021 18:57:47 -0400 (EDT)
Received: from imap34 ([10.202.2.84])
by compute4.internal (MEProxy); Thu, 01 Apr 2021 18:57:47 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=samwhited.com;
h=mime-version:message-id:in-reply-to:references:date:from:to
:subject:content-type:content-transfer-encoding; s=fm2; bh=xE8At
widiA59aBoA45qTLvVjl0Pw3SHmX8KvVh193+8=; b=mIMCcdjseg/zQ70R3adcs
wezDN87pgHEx4sCQg2K9gyKpa1dyzRdXWqgwVUwSuYIjr5//AcfZUuNpMA3hnJ2t
lvZYILViLwFCJx/Nce0fqpNAyg9knJaRI1y6YbUqBCxldv73rqdu5G1EzesmB/iJ
G33tCgnIO739wQh3WtODggVA69+o1dfGLTH7CPwHH2pMaOXPIg75jP/e7Vw1QsZd
e0j3oQlHKAH9OBqOww0OqQeCeFNLnH5L+oFffly8D9yG6uqJXorECxIHmaZtN8Un
5aZraPh4tuCrGnFJV1Qw2nfzLb53K2GZ+i1iSnb0DuzmkzsCZgAcryIhnFdz1QMn
A==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
messagingengine.com; h=content-transfer-encoding:content-type
:date:from:in-reply-to:message-id:mime-version:references
:subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender
:x-sasl-enc; s=fm2; bh=xE8AtwidiA59aBoA45qTLvVjl0Pw3SHmX8KvVh193
+8=; b=L+KimSAFykDTGodyFG6lrEM7YYUp5OUN2sr1iWff13yhnRJsuDipZEPnf
DLvs3amLSrMubL4ApEyUZBQZViJWDoaGlXpyRWqSQw7BTO9QLKv6dFXvd7vQjcy2
i70qk1zRiNyXXJ4Ydoabv6N+MbIEp3g6abgT+62+dWQ9b0SYduKWGRJczz/l3B4h
vhc8MuaL/Abaokk9WXx7yAnsysIHWabaHT6z5DD08HCUAxYZkXqs+XwK8s2OSrlo
TeD3USnoKuhG0XIwR9psQTxGPtNRz96geaZPK8pTDK+c4A1G8RtInT+g5tqgheLo
mVDnFWCJRZ6mvAbb7/046P4sI/CNQ==
X-ME-Sender: <xms:6k9mYEDJmtySfWG2sG62MwntfNvbFwIcVOLig4Xd6V9WbnjlFW2_lw>
<xme:6k9mYGhMrU3fUfxU1cNuzlkkOUTwe4RYacLwstZ01x-z4wkGRsERjOLmrUb71Pkop
MNyXgUYg_f2qFMlZw>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduledrudeihedgudejucetufdoteggodetrfdotf
fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen
uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne
cujfgurhepofgfggfkjghffffhvffutgfgsehtqhertderreejnecuhfhrohhmpedfufgr
mhcuhghhihhtvggufdcuoehsrghmsehsrghmfihhihhtvggurdgtohhmqeenucggtffrrg
htthgvrhhnpeefuddukeekueetueelfeeguedvuedvffehvdevieffgeehhfejffdtveev
uedvffenucffohhmrghinhepihgvthhfrdhorhhgnecuvehluhhsthgvrhfuihiivgeptd
enucfrrghrrghmpehmrghilhhfrhhomhepshgrmhesshgrmhifhhhithgvugdrtghomh
X-ME-Proxy: <xmx:6k9mYHlQr1wHZtXehTWbN29hu-VQ7Ew86ehcbMEVBCWwI7gGT8qY5g>
<xmx:6k9mYKxlYVucoSg3d1JpFbcdroV4pQRmVl3Baay46stcKYyvZduNlQ>
<xmx:6k9mYJSWpIg2tOBAxuQRrsJO5GK5U71eS3bbkxYNaFtLlFCvKl-HKg>
<xmx:609mYAccg_WReeJVgKn0Ql18pJlkrsxsEtGAzAZl-qnWx4KzRgwyuw>
Received: by mailuser.nyi.internal (Postfix, from userid 501)
id 76634280074; Thu, 1 Apr 2021 18:57:46 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.5.0-alpha0-273-g8500d2492d-fm-20210323.002-g8500d249
Mime-Version: 1.0
Message-Id: <37ae1f6c-2c39-4a76-995c-642a91131553@www.fastmail.com>
In-Reply-To: <2110984725.110415.1616290531763@email.ionos.com>
References: <E4D53992-EFFD-4938-8427-D276B5A0A178@bluepopcorn.net>
<2110984725.110415.1616290531763@email.ionos.com>
Date: Thu, 01 Apr 2021 18:57:25 -0400
From: "Sam Whited" <sam@samwhited.com>
To: "KITTEN Working Group" <kitten@ietf.org>
Content-Type: text/plain;charset=utf-8
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/kitten/hoEMXUIxg0Up9XLNit9Yk6w91UQ>
Subject: Re: [kitten] Comments on draft-ietf-kitten-password-storage-04
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>,
<mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>,
<mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Apr 2021 22:57:54 -0000
Thanks for your feedback! Out of curiosity, why the lower memory size and a single lane, as opposed to the m=2GiB, t=1, p=4 from https://tools.ietf.org/html/draft-irtf-cfrg-argon2-13#section-7.3 —Sam On Sat, Mar 20, 2021, at 21:35, steve@tobtu.com wrote: > Note on OWASP, it is going through massive changes and should not be > looked at for about a week. Also settings are now based on benchmarks > or theoretical speeds, except bcrypt because "9 feels low". > > Argon2id: m=37 MiB, t=1, p=1 m=15 MiB, t=2, p=1 > > bcrypt: cost 12 > > PBKDF2: HMAC-SHA1: 720,000 iterations HMAC-SHA256: 310,000 iterations > HMAC-SHA512: 120,000 iterations
- [kitten] Comments on draft-ietf-kitten-password-s… Jim Fenton
- Re: [kitten] Comments on draft-ietf-kitten-passwo… steve
- Re: [kitten] Comments on draft-ietf-kitten-passwo… Jim Fenton
- Re: [kitten] Comments on draft-ietf-kitten-passwo… Sam Whited
- Re: [kitten] Comments on draft-ietf-kitten-passwo… Sam Whited
- Re: [kitten] Comments on draft-ietf-kitten-passwo… steve
- Re: [kitten] Comments on draft-ietf-kitten-passwo… Sam Whited
- Re: [kitten] Comments on draft-ietf-kitten-passwo… steve
- Re: [kitten] Comments on draft-ietf-kitten-passwo… Jim Fenton
- Re: [kitten] Comments on draft-ietf-kitten-passwo… Sam Whited