cryptopasta icon indicating copy to clipboard operation
cryptopasta copied to clipboard

Published 20 hours ago verified publisher icon gtank

Implement NewKeyFromPassword

Open gtank opened this issue 8 years ago • 2 comments

golang.org/x/crypto/scrypt is the right approach, but it introduces some critical questions:

  1. N, r, and p need to be benchmarked on modern systems since the paper is from 2009.
  2. The paper, Go docs, and broader internet lack clear guidance on generation & management of scrypt salts.

Until these are resolved, the package should continue to advise random AES keys.

gtank avatar Jul 08 '16 00:07 gtank

This post and its follow-up have some useful recent benchmarks of KDFs: https://pthree.org/2016/06/28/lets-talk-password-hashing/

titanous avatar Jul 16 '16 23:07 titanous

Interesting benchmarks extensions

jaylams avatar Jul 17 '16 23:07 jaylams