The spec has been updated a bit.
Even if the bulk of the key-stretching work has been outsourced to another
device, and that device is compromised, the passphrase is now protected by
minimum 8192 rounds of salted PBKDF2-HMAC-SHA512.
The idea is that more powerful devices (mobile phones, laptops, etc.) can
do all the key-stretching on their own, whereas weaker devices with access
to another device with more computing power (like Trezors) do a fair amount
of key-stretching on their own, but can safely export the rest of the
key-stretching to the other device.
Will
On Tue, Mar 11, 2014 at 10:17 PM, Jean-Paul Kogelman <
jeanpaulkogel...@me.com> wrote:
> Hi everyone,
>
> We've been hard at work updating the spec to include features that were
> requested. We've removed the Scrypt dependency that was present in the
> initial drafts, added new KDFs, added plausible deniability and have a
> reference implementation.
>
>
> Kind regards,
>
>
> Jean-Paul Kogelman
>
------------------------------------------------------------------------------
Start Your Social Network Today - Download eXo Platform
Build your Enterprise Intranet with eXo Platform Software
Java Based Open Source Intranet - Social, Extensible, Cloud Ready
Get Started Now And Turn Your Intranet Into A Collaboration Platform
http://p.sf.net/sfu/ExoPlatform
_______________________________________________
Bitcoin-development mailing list
Bitcoin-development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-development
