mail archive of the barebox mailing list
From: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
To: "Jan Lübbe" <jlu@pengutronix.de>
Cc: barebox@lists.infradead.org
Subject: Re: [PATCH 07/10] password: add pbkdf2 support
Date: Mon, 16 Mar 2015 12:25:07 +0100
Message-ID: <20150316112507.GF26127@ns203013.ovh.net>
In-Reply-To: <1426503959.3330.45.camel@pengutronix.de>

On 12:05 Mon 16 Mar     , Jan Lübbe wrote:
> On Mo, 2015-03-16 at 12:01 +0100, Jean-Christophe PLAGNIOL-VILLARD wrote:
> > On 11:49 Mon 16 Mar     , Jan Lübbe wrote:
> > > On Mo, 2015-03-16 at 11:15 +0100, Jean-Christophe PLAGNIOL-VILLARD wrote:
> > > > We will use "barebox_password" as salt and 10000 rounds to generate a
> > > > 64-byte key.
> > > 
> > > The purpose of a salt is to protect against dictionary or
> > > rainbow-table (precomputed) attacks. That means that the salt must be
> > > randomly generated and saved with the password.
> > This will be strong enough even with a static one to protect against
> > reverse hack for barebox protection
> > 
> > Use a 32 byte pass and try to do an attack against dictionary.
> > It will take you more than 10 years to break it
> > > 
> > > For setting a new password in barebox, even a low entropy salt will make
> > > attacks significantly more expensive. So we should add some entropy from
> > > user interaction timing in that case.
> > yes we could do this too
> > > 
> > > For hashing a password at compile time, we should get the salt from the
> > > host system.
> > yes
> > 
> > do we really need it?
> 
> Yes, definitely. We must use the algorithms as they are intended to be
> used.
> 
> If we try to move users away from RSA2048 because it will be vulnerable
> in the future, we should not go against established practice for
> password salts by hard-coding it. 
I'm not against it, but with the barebox entropy I did not see the point of
using it.

So how do we generate the salt? What length?

Personally I'd prefer

random 64 bytes | sha256 | take first 32 bytes | pbkdf2 10000 rounds

Result: a 64-byte password file <salt 32 bytes><key 32 bytes>

Best Regards,
J.

_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox
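
The record layout proposed in the message above, next to the static-salt variant it replaces, as an added example that is not part of the original thread or barebox's code. It assumes HMAC-SHA256 as the PBKDF2 PRF (the thread does not name the digest) and `os.urandom` as the random source; all function names are hypothetical.

```python
import hashlib
import hmac
import os

ROUNDS = 10000                      # round count given in the thread
SALT_LEN = 32                       # first 32 bytes of sha256(64 random bytes)
KEY_LEN = 32                        # derived key stored after the salt
STATIC_SALT = b"barebox_password"   # the hard-coded salt under discussion
PRF = "sha256"                      # assumption: digest not named in the thread


def derive(password, salt, key_len=KEY_LEN):
    """PBKDF2-HMAC over the password with the given salt."""
    return hashlib.pbkdf2_hmac(PRF, password, salt, ROUNDS, dklen=key_len)


def new_salt(entropy=None):
    """random 64 bytes | sha256 | take first 32 bytes."""
    raw = os.urandom(64) if entropy is None else entropy
    if len(raw) != 64:
        raise ValueError("expected 64 bytes of entropy")
    return hashlib.sha256(raw).digest()[:SALT_LEN]


def make_password_file(password, entropy=None):
    """Build the 64-byte record <salt 32 bytes><key 32 bytes>."""
    salt = new_salt(entropy)
    return salt + derive(password, salt)


def check_password(password, blob):
    """Re-derive with the stored salt and compare in constant time."""
    if len(blob) != SALT_LEN + KEY_LEN:
        return False                # truncated or corrupted record
    salt, key = blob[:SALT_LEN], blob[SALT_LEN:]
    return hmac.compare_digest(derive(password, salt), key)


def same_password_collides():
    """Hash one constructed passphrase twice under each scheme.

    Returns (static_keys_equal, random_salt_keys_equal).
    """
    pw = b"constructed sample passphrase"
    static_equal = derive(pw, STATIC_SALT, 64) == derive(pw, STATIC_SALT, 64)
    a, b = make_password_file(pw), make_password_file(pw)
    return static_equal, a[SALT_LEN:] == b[SALT_LEN:]
```

With the static salt, every device that shares a password stores the same key, so one precomputed table covers all of them; with the per-record salt the stored keys differ even for identical passwords.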
