h4waii Posted November 18, 2016
Please add the option for user selectable rounds. 24000 is WAY too low, and people should be able to increase it, regardless of the time-cost to access the data. This should be a user defined field in all applications, even if it's hidden behind an "advanced" tab.

Vinod Kumar Posted November 18, 2016
Hi @h4waii, The decision of 24000 iterations was taken a few years back to ensure compatibility between all possible supported devices without any significant effect on performance. Now every device has more computing power and we certainly need to upgrade the number of iterations. We are planning a major UI/database/sync engine redesign of Enpass next year, that will be the perfect time to implement this.

Travis Posted January 10, 2017
+1 for this. Provide a sensible default and allow people to pick. If they want to wait a little longer for the app to open in exchange for more security, let them.

SnoFox Posted January 11, 2017
+1

Marius Posted January 11, 2017
+1

Guest Posted February 14, 2017
+1

lucas Posted March 23, 2017 (edited)
@Vinod Kumar AFAIK sqlcipher doesn't allow changing the number of iterations. How are you planning to achieve that? By changing the enc/dec engine?
Edited March 23, 2017 by lucas

Vinod Kumar Posted March 24, 2017
18 hours ago, lucas said:
> @Vinod Kumar AFAIK sqlcipher doesn't allow changing the number of iterations. How are you planning to achieve that? By changing the enc/dec engine?
SQLCipher has an API, 'PRAGMA kdf_iter', to configure the number of iterations as needed.

lucas Posted March 28, 2017
And are you using SHA1 as hash func? Any plan to change it?

Vinod Kumar Posted April 26, 2017
Hi @lucas, I think you are pointing towards the recent SHA-1 collision attack. PBKDF2 in SQLCipher uses HMAC-SHA1 and it is still secure. Both are not quite the same thing.

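An added example, not part of the thread and not Enpass or SQLCipher code: it derives a key with PBKDF2-HMAC-SHA1, rebuilds the first PBKDF2 block by hand to show that SHA-1 is only used inside HMAC, and estimates an iteration count for a chosen unlock-time budget with 24000 as the floor. The 256-bit key length, the sample salt and all function names are assumptions made for the illustration.

```python
import hashlib
import hmac
import time

THREAD_ITERATIONS = 24000  # the iteration count discussed in the thread
KEY_LEN = 32               # assumption: 256-bit derived key
SALT = bytes(range(16))    # constructed sample salt, not from a real database


def derive_key(passphrase: bytes, salt: bytes, iterations: int) -> bytes:
    """PBKDF2-HMAC-SHA1 via the standard library."""
    return hashlib.pbkdf2_hmac("sha1", passphrase, salt, iterations, dklen=KEY_LEN)


def pbkdf2_first_block(passphrase: bytes, salt: bytes, iterations: int) -> bytes:
    """First 20-byte PBKDF2 block (RFC 8018) built by hand from HMAC-SHA1.

    SHA-1 is only ever called inside HMAC, keyed with the passphrase.
    """
    u = hmac.new(passphrase, salt + (1).to_bytes(4, "big"), hashlib.sha1).digest()
    block = int.from_bytes(u, "big")
    for _ in range(iterations - 1):
        u = hmac.new(passphrase, u, hashlib.sha1).digest()
        block ^= int.from_bytes(u, "big")
    return block.to_bytes(20, "big")


def calibrate_iterations(target_seconds: float, floor: int = THREAD_ITERATIONS) -> int:
    """Estimate the iteration count that costs about target_seconds on this
    device, never returning less than floor."""
    start = time.perf_counter()
    derive_key(b"calibration passphrase", SALT, floor)
    elapsed = max(time.perf_counter() - start, 1e-9)
    return max(floor, int(floor * target_seconds / elapsed))


if __name__ == "__main__":
    for target in (0.1, 0.5, 1.0):
        print(f"{target:.1f}s unlock budget -> about {calibrate_iterations(target)} iterations")
    # The iteration count is an input to the key: the same passphrase and salt
    # with a different count give an unrelated key, so the count must be known
    # when the database is opened.
    print(derive_key(b"hunter2", SALT, 24000) != derive_key(b"hunter2", SALT, 48000))
```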