[cryptography] PBKDF2 + current GPU or ASIC farms = game over for passwords (Re: TLS2)

ianG iang at iang.org
Tue Oct 1 04:56:58 EDT 2013

On 1/10/13 05:00 AM, dan at geer.org wrote:
>   >Well clearly passwords are bad and near the end of their life-time with
>   >GPU advances, and even amplified password authenticated key exchanges like
>   >EKE have a (so far) unavoidable design requirement to have the server
>   >store something offline grindable, which could be key stretched, but thats
>   >it.  PBKDF2 + current GPU or ASIC farms = game over for passwords.
> Before discarding passwords as yesterday's fish, glance at this:
> http://www.wired.com/opinion/2013/09/the-unexpected-result-of-fingerprint-authentication-that-you-cant-take-the-fifth

I think the takeaway from this password debate (for me) is that any 
requirements listed for a TLS2 should be something like:

"Integrates well with current and future authentication methods."

(and leave the contenders to duke it out...)


More information about the cryptography mailing list