On Mon, May 4, 2015 at 2:10 AM, Fabio Pietrosanti (naif) - lists <li...@infosecurity.ch> wrote: > Hi all, > > testing the lovely slowness of a pure scrypt implementation in > javascript running into the browser, i was wondering anyone ever tried > to think/design an cryptosystem for key stretching purposes that > leverage only existing webcrypto API > (https://www.chromium.org/blink/webcrypto) with the goal to use let's > say 80% of cpu time on native-crypto-code rather than JS code? > > In the browser native crypto code trough WebCrypto API works obviously > much faster than JS crypto code (how much?)! > Just bike shedding, but I don't think that's fair to WebCrypto. WebCrypto provides a standard set of primitives, like hahses. But the selected hashes are designed to be fast, and not slow or memory hard.
So comparing a WebCrypto PBKDF based on SHA-X is akin to comparing apples and oranges. Also see https://lists.w3.org/Archives/Public/public-webapps/2015JanMar/0706.html. Jeff _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography