ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [openpgp] details of 4880bis work

2015-04-16 03:19:17
from [Peter Gutmann] [Permanent Link] 
Jon Callas <jon(_at_)callas(_dot_)org> writes:


e) update S2K with something more modern (PBKDF2, HKDF, scrypt?),
  deprecate all the other mechnanisms explicitly


Agree completely on just using PBKDF2.

You could put other more modern password grinders in, or even leave it open
for new technologies to be introduced easily.


With any luck the PHC will be done by the time any new PGP RFC is published,
so there'd be a well-designed, attack-resistant password-processing function
ready to use.

Peter.
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [openpgp] 4880bis: Compression, Werner Koch
Next by Date:  Re: [openpgp] details of 4880bis work, Vincent Breitmoser
Previous by Thread:  Re: [openpgp] Key Usage, Designated Revocation, ianG
Next by Thread:  [openpgp] Fingerprints, Phillip Hallam-Baker
Indexes:  [Date] [Thread] [Top] [All Lists]