[cryptography] replacing passwords with keys is not so hard (Re: PBKDF2 + current GPU or ASIC farms = game over for passwords)
stephen.farrell at cs.tcd.ie
Tue Oct 1 17:35:34 EDT 2013
On 10/01/2013 10:12 AM, Adam Back wrote:
> its impolite to point at your own designs
Heh, I guess its ok to pile on so:-)
HOBA [1,2] is our similar idea. More focused on lower assurance
settings for now at least, on the basis that those passwords are
arguably more likely to leak and on being a straight drop-in
replacement a site can do all by themselves.
But the goal of getting rid of crappy passwords is the same and
is laudable mostly regardless of the scheme specifics.
More information about the cryptography