[119154] in cryptography@c2.net mail archive
Re: [tahoe-dev] convergent encryption reconsidered -- salting and
daemon@ATHENA.MIT.EDU (Ben Laurie)
Mon Mar 31 11:09:20 2008
Date: Mon, 31 Mar 2008 09:19:15 +0100
From: Ben Laurie <ben@links.org>
To: tahoe-dev@allmydata.org
CC: theory and practice of decentralized computer networks <p2p-hackers@lists.zooko.com>,
Cryptography <cryptography@metzdowd.com>
In-Reply-To: <C5A20284-A303-4B30-8861-12ABCB4AA8D3@zooko.com>
zooko wrote:
> Think of it like this:
>
> Passwords are susceptible to brute-force and/or dictionary attack.
> We can't, in general, prevent attackers from trying guesses at our
> passwords without also preventing users from using them, so instead
> we employ various techniques:
>
> * salts (to break up the space of targets into subspaces, of which
> at most one can be targeted by a given brute-force attack)
> * key strengthening (to increase by a constant factor the cost of
> checking a password)
> * rate-limits for on-line tries (i.e., you get only a small fixed
> number of wrong guesses in a row before you are locked out for a time-
> out period)
You forgot:
* stronger passwords
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.links.org/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
