[cryptography] Current state of brute-forcing random keys?

Nico Williams nico at cryptonector.com
Thu Jun 9 21:17:26 EDT 2011

On Thu, Jun 9, 2011 at 7:34 PM, Solar Designer <solar at openwall.com> wrote:
> On Thu, Jun 09, 2011 at 05:22:59PM -0500, Nico Williams wrote:
>> And for remote password-based authentication we'll want to start using
>> ZKPPs
> This doesn't prevent offline password guessing attacks after a
> (temporary) server compromise.
> I think there's still a need for better password hashing on servers.

Indeed, we still need KDFs in augmented ZKPPs.


More information about the cryptography mailing list