Question for the crypto-gurus out there (skip to TLDR if you want). What is the best practice (for today) when dealing with passwords over websites, given the following context and assumptions:
Context: - Hashed/encrypted passwords stored in server database - User enters password in form and sends to server over HTTPS - KDF algorithm shouldn't run for more than 2 seconds on any modern mobile device Assumptions: - It is better to send the encrypted password over the wire than the password itself Known knowns: - Server can run all three KDFs natively. - Clients (web browsers) can only run PBKDF2 natively for browsers that support that part of the WebCrypto spec TLDR: That last part is the crux of the question: since only PBKDF2 (might) be supported natively, and scrypt/bcrypt are forced to run in JS, does that imply that in the case of login forms PBKDF2 is actually /more secure/ than scrypt/bcrypt given our 2 second runtime constraint? How do I even begin to test/validate this question? Many thanks! Greg Slepak -- Please do not email me anything that you are not comfortable also sharing with the NSA.
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
