ietf-openpgp
[Top] [All Lists]

Re: [openpgp] [PATCH] RFC4880bis: Argon2i

2015-11-03 06:18:11
Nils Durner <ndurner(_at_)googlemail(_dot_)com> writes:

We can of course raise the bar by excluding types 1 & 3 entirely.

1 and 3?  I assume you mean 0 and 1, with 2 being unused anyway.  There should
really only be a 3, a straight hash or salted hash is barely better than just
using the password directly.

(They also seem to be virtually unused in practice, some time ago I
inadvertently disabled use of 0 and 1 in my code and, after zero complaints
over this, made the change permanent).

Peter.
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp