
Encryption: low iteration count in pbkdf

Open tobiasKaminsky opened this issue 6 years ago • 1 comments

Currently we have 1024 iterations for PBKDF2WithHmacSHA1, which is a bit too low. Recommended is >=10.000.

We should check how long this takes on a low end phone with:

  • 10.000
  • 20.000
  • 50.000

@marinofaggiana @tobiasKaminsky

tobiasKaminsky, Feb 04 '19 07:02

agree.

I would recommend storing the iteration size along with the salt in the encrypted privatekey JSON. That way, we are able to increment the iteration size in a client, detect low iterations, etc.

MaxFichtelmann, Mar 13 '19 11:03
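The proposal in this thread, sketched as an added example that is not part of the thread or of the project's code: the iteration count is stored next to the salt, a record without a count is read as the legacy 1024, and low counts are flagged for re-derivation. The JSON field names `salt` and `iterations`, the 32-byte key length and the upper bound `MAX_ITERATIONS` are assumptions made for this sketch.

```python
import base64
import hashlib
import json
import os
import time

LEGACY_ITERATIONS = 1024    # count the issue reports as current
MIN_ITERATIONS = 10_000     # minimum the issue recommends
MAX_ITERATIONS = 1_000_000  # assumed upper bound so a stored value cannot stall the client
KEY_LEN = 32                # assumed derived-key length in bytes


def derive_key(password, salt, iterations):
    # Python's equivalent of PBKDF2WithHmacSHA1
    return hashlib.pbkdf2_hmac("sha1", password.encode(), salt, iterations, KEY_LEN)


def make_record(password, iterations, salt=None):
    """Return (record, key); the record keeps the KDF parameters next to the salt."""
    salt = salt or os.urandom(16)
    record = {"salt": base64.b64encode(salt).decode(), "iterations": iterations}
    return record, derive_key(password, salt, iterations)


def open_record(password, record):
    """Return (key, needs_upgrade). A record without a count is treated as legacy."""
    iterations = record.get("iterations", LEGACY_ITERATIONS)
    if type(iterations) is not int or not 1 <= iterations <= MAX_ITERATIONS:
        raise ValueError(f"unusable iteration count: {iterations!r}")
    key = derive_key(password, base64.b64decode(record["salt"]), iterations)
    return key, iterations < MIN_ITERATIONS


def time_derivation(iterations):
    """Seconds for one derivation on this machine (constructed password and salt)."""
    start = time.perf_counter()
    derive_key("benchmark-passphrase", b"\x00" * 16, iterations)
    return time.perf_counter() - start


if __name__ == "__main__":
    for n in (LEGACY_ITERATIONS, 10_000, 20_000, 50_000):
        print(f"{n:>6} iterations: {time_derivation(n) * 1000:.1f} ms")
    record, _ = make_record("correct horse", 20_000)
    print(json.dumps(record), "needs upgrade:", open_record("correct horse", record)[1])
```

Timings from a desktop do not transfer to a low-end phone; the loop only shows how the measurement can be taken on the target device.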