[tahoe-dev] convergent encryption reconsidered -- salting and key-strengthening

Ben Laurie ben at links.org
Mon Mar 31 08:19:15 UTC 2008

zooko wrote:
> Think of it like this:
> Passwords are susceptible to brute-force and/or dictionary attack.   
> We can't, in general, prevent attackers from trying guesses at our  
> passwords without also preventing users from using them, so instead  
> we employ various techniques:
>   * salts (to break up the space of targets into subspaces, of which  
> at most one can be targeted by a given brute-force attack)
>   * key strengthening (to increase by a constant factor the cost of  
> checking a password)
>   * rate-limits for on-line tries (i.e., you get only a small fixed  
> number of wrong guesses in a row before you are locked out for a time- 
> out period)

You forgot:

   * stronger passwords



http://www.apache-ssl.org/ben.html           http://www.links.org/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

More information about the tahoe-dev mailing list