Hi Rony, it's been quite a long time since my last confession :P
Disclaimer: I'm a complete noob on these topics, and I think I'm conflating encryption algorithms with password hashing algorithms, so I apologize in advance. I seem to grasp that the way persistent memory is encrypted/decrypted has nothing to do with how the passcode (password/passphrase) is stored, accessed and concealed, and that's as far as I can go.
Nonetheless, I wanted to bring this important new advance in the cryptography field (specifically in the password hashing arena) to your attention, in the hopes that, if you find it useful, you can leverage its power to improve this amazing piece of software.
EoD (End of Disclaimer)
If applicable, would you please look into the specs of this new "algo" and see if it can be integrated in a future release of Pwsafe, as an option?
After two years of extensive research and relentless cracking efforts by the best teams in the cracking community, it was awarded First Place in the Password Hashing Competition, and they are urging anyone who cares to listen to adopt it. (A quick glance at the names involved in both the judging panel and the development teams reveals a who's who of the best minds alive in the fields of cryptography, password cracking and IT security.)
Other links of interest:
Jeremi Gosney: He goes by the handle epixoip in this comment thread, answering ALL the questions asked, in detail. By the way, he and his work are what's featured in the article. You'll notice it's a rather old one, in fact it's 3+ years old, and by that time -Dec 2012- they were achieving 350 gigahashes a second of password candidates on the NThash algorithm. I can't imagine the numbers by now... (Of course one algorithm has nothing to do with another so I'm not comparing apples to oranges, but again, mind-blowing numbers). The point is that these guys know what they are doing, so I pay attention to these things. And they work for law enforcement and APTs, especially in areas of disk encryption access and password/data decryption.
oclHashcat's algorithms: It's old news by now, but it bears repeating: it would be really nice to see how vulnerable the algorithms implemented in VeraCrypt are when attacked by the password cracking community, and more than that, to compare how well (or badly) the algorithms already in place stack up against this new one proposed.
Sagitta Performance Cracking: This is Jeremi Gosney's company*. (No affiliation whatsoever).
Official GitHub Repository of the Argon2 Developers: All the specs and info are there.
Again, I'm in no way associated with anyone that I link to here, just wanted to let you know of this news, maybe it turns out to be an important addition.
I'll appreciate your insight once you find the time to look into this. And everyone else's as well, of course. I'm always eager to educate myself, so I thank you in advance for all the input I can get.
Adiós!
Full disclosure: I posted the same request earlier in the VeraCrypt forum here, because I find this info really important to spread around. And both pieces of software, VC and Pwsafe, are the best in their respective categories, in my modest opinion. The verbatim copy is just out of laziness and the fact that I had already written everything I consider important to say.
Hm.
I think someone actually forked PasswordSafe to create a non-compatible version using Argon2.
I'll read the paper in depth later - seems interesting - but I think that using this would basically strengthen something that's already far from being the weakest link in PasswordSafe's security posture (forgive the mixed metaphors).
Thanks for the pointer, in any case. I'll update this thread if I've anything interesting to add after reviewing the paper.
Thanks, Rony, for such a prompt reply. It is also worth noting the response from the cryptographers in the other forum where I posted the same info. It might come in handy to you.
Keep it up and eternal thanks for your work.
Latest developments in Argon2i worth looking at:
(a potential weakness has been discovered and addressed, possibly leading to a new iteration, called Argon2x)
How to Safely Store Your Users' Passwords in 2016
You Wouldn't Base64 a Password - Cryptography Decoded
How to Safely Store a Password in 2016 (with example code)
Analysis of Argon2i
Most important is the consensus among the password cracking community about the overall weakness in PBKDF2, and its shortcomings when compared to all other candidates.
Last edit: Aaron Swartz are we all 2016-03-12