[cryptography] Designing a key stretching crypto that maximize use of WebCrypto?

Jeffrey Walton noloader at gmail.com
Thu May 14 08:29:23 EDT 2015

On Mon, May 4, 2015 at 2:10 AM, Fabio Pietrosanti (naif) - lists
<lists at infosecurity.ch> wrote:
> Hi all,
> testing the lovely slowness of a pure scrypt implementation in
> javascript running into the browser, i was wondering anyone ever tried
> to think/design an cryptosystem for key stretching purposes that
> leverage only existing webcrypto API
> (https://www.chromium.org/blink/webcrypto) with the goal to use let's
> say 80% of cpu time on native-crypto-code rather than JS code?
> In the browser native crypto code trough WebCrypto API works obviously
> much faster than JS crypto code (how much?)!
Just bike shedding, but I don't think that's fair to WebCrypto.
WebCrypto provides a standard set of primitives, like hahses. But the
selected hashes are designed to be fast, and not slow or memory hard.

So comparing a WebCrypto PBKDF based on SHA-X is akin to comparing
apples and oranges.

Also see https://lists.w3.org/Archives/Public/public-webapps/2015JanMar/0706.html.


More information about the cryptography mailing list