7-Zip / Feature Requests / #1639 add Argon 2

#1639 add Argon 2

Status: open

Owner: nobody

Labels: None

Priority: 5

Updated: 2024-08-07

Created: 2024-08-07

Creator: heinz

Private: No

Please add Argon 2 for key derivation or password hashing https://en.wikipedia.org/wiki/Argon2
That way we would have a state of the art key derivation algorithm.
Furthermore we should be able to choose the options for it (Memory, Iterations and Parallelism).

Discussion

Igor Pavlov - 2024-08-07

We will need new encryption, only if old encryption will be consider as unsecure.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- heinz - 2024-08-07
  
  The key derivation is already considered unsecure, even for two reasons.
  1. It doesn't use a salt (pepper and salt). https://github.com/openwall/john/issues/1679 https://crypto.stackexchange.com/questions/30468/is-it-true-that-7zip-doesnt-use-any-salt-with-its-kdf
  2. It uses the outdated PBKDF2 https://en.wikipedia.org/wiki/PBKDF2#Alternatives_to_PBKDF2
  
  Edit: And Argon 2 is the best choice for a new algorithm because it's the winner of the Password Hashing Competition
  
  Last edit: heinz 2024-08-07
  
  If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

add Argon 2

A free file archiver for extremely high compression

Group

Searches

Help

#1639 add Argon 2

Discussion