[cryptography] PBKDF2 + current GPU or ASIC farms = game over for passwords (Re: TLS2)

ianG iang at iang.org
Tue Oct 1 05:56:12 EDT 2013

On 1/10/13 12:22 PM, Florian Weimer wrote:
>> Which leaves open the question (in my mind) as to whether to require this:
>> "Both end points must authenticate each other."
> Keep in mind that the client side was deliberately crippled in
> browsers for privacy reasons.  Support used to be much better—you
> could transparently created a client certificate which would
> automatically be used for future TLS handshakes.

Right, another requirement:

"Minimise the leakage of identifying information to eavesdroppers."

These two requirements then might appear opposed.  Or might not, there 
are many ways to skin the connection cat.


More information about the cryptography mailing list