[cryptography] PBKDF2 + current GPU or ASIC farms = game over for passwords (Re: TLS2)

ianG iang at iang.org
Tue Oct 1 05:16:20 EDT 2013


On 1/10/13 11:56 AM, ianG wrote:
> On 1/10/13 05:00 AM, dan at geer.org wrote:
>>
>>   >Well clearly passwords are bad and near the end of their life-time
>> with
>>   >GPU advances, and even amplified password authenticated key
>> exchanges like
>>   >EKE have a (so far) unavoidable design requirement to have the server
>>   >store something offline grindable, which could be key stretched,
>> but thats
>>   >it.  PBKDF2 + current GPU or ASIC farms = game over for passwords.
>>
>> Before discarding passwords as yesterday's fish, glance at this:
>>
>> http://www.wired.com/opinion/2013/09/the-unexpected-result-of-fingerprint-authentication-that-you-cant-take-the-fifth
>>
>
>
>
>
> I think the takeaway from this password debate (for me) is that any
> requirements listed for a TLS2 should be something like:
>
> "Integrates well with current and future authentication methods."
>
> (and leave the contenders to duke it out...)



Which leaves open the question (in my mind) as to whether to require this:

"Both end points must authenticate each other."



iang



More information about the cryptography mailing list