[cryptography] [Cryptography] TLS2
wasabee18 at gmail.com
Mon Sep 30 09:34:27 EDT 2013
On 30/09/13 10:47, Adam Back wrote:
> Well clearly passwords are bad and near the end of their life-time
> with GPU
> advances, and even amplified password authenticated key exchanges like
> have a (so far) unavoidable design requirement to have the server store
> something offline grindable, which could be key stretched, but thats
> it. PBKDF2 + current GPU or ASIC farms = game over for passwords.
what about stronger pwd-based key exchange like SRP and JPAKE?
Passwords don't scale up and are very inconvenient, but are you sure
your argument "PBKDF2 + current GPU or ASIC farms = game over for
passwords" really holds? what about scrypt?
And theoretically, you can always increase the number of rounds in the
hash... I refer to this link too:
Looking forward to ur comments.
More information about the cryptography