h4waii Posted November 18, 2016
Please add the option for user-selectable rounds. 24000 is WAY too low, and people should be able to increase it, regardless of the time-cost to access the data. This should be a user-defined field in all applications, even if it's hidden behind an "advanced" tab.

Vinod Kumar Posted November 18, 2016
Hi @h4waii, The decision of 24000 iterations was taken a few years back to ensure compatibility between all possible supported devices without any significant effect on performance. Now every device has more computing power and we certainly need to upgrade the number of iterations. We are planning a major UI/database/sync engine redesign of Enpass next year; that will be the perfect time to implement this.

Travis Posted January 10, 2017
+1 for this. Provide a sensible default and allow people to pick. If they want to wait a little longer for the app to open in exchange for more security, let them.

lucas Posted March 23, 2017
@Vinod Kumar AFAIK SQLCipher doesn't allow changing the number of iterations. How are you planning to achieve that? By changing the enc/dec engine?

Vinod Kumar Posted March 24, 2017
18 hours ago, lucas said:
> @Vinod Kumar AFAIK SQLCipher doesn't allow changing the number of iterations. How are you planning to achieve that? By changing the enc/dec engine?
SQLCipher has the API 'PRAGMA kdf_iter' to configure the number of iterations as needed.

lucas Posted March 28, 2017
And are you using SHA1 as the hash func? Any plan to change it?

Vinod Kumar Posted April 26, 2017
Hi @lucas, I think you are pointing towards the recent SHA-1 collision attack. PBKDF2 in SQLCipher uses HMAC-SHA1 and it is still secure. Both are not quite the same thing.

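An added example, not part of the thread and not Enpass or SQLCipher code: it measures what PBKDF2-HMAC-SHA1 costs at the 24000 iterations discussed above, calibrates a higher count for a target unlock delay on the current device, and formats the 'PRAGMA kdf_iter' statement for it. The 32-byte key length, the sample passphrase and salt, the 0.5 s target and all function names are assumptions made for illustration.

```python
import hashlib
import os
import time

PAGE_ITERATIONS = 24000  # iteration count discussed in the thread
KEY_LEN = 32             # assumption: 256-bit derived key for this sketch


def derive_key(passphrase: bytes, salt: bytes, iterations: int) -> bytes:
    """PBKDF2-HMAC-SHA1, the KDF the thread says SQLCipher uses."""
    return hashlib.pbkdf2_hmac("sha1", passphrase, salt, iterations, KEY_LEN)


def time_derivation(iterations: int, repeats: int = 3) -> float:
    """Best-of-N wall-clock seconds for one derivation on this machine."""
    salt = os.urandom(16)  # constructed sample salt
    best = float("inf")
    for _ in range(repeats):
        start = time.perf_counter()
        derive_key(b"constructed sample passphrase", salt, iterations)
        best = min(best, time.perf_counter() - start)
    return best


def calibrate_iterations(target_seconds: float, floor: int = PAGE_ITERATIONS,
                         step: int = 1000) -> int:
    """Pick an iteration count costing about target_seconds on this device.

    PBKDF2 cost is linear in the iteration count, so one measurement at the
    floor is scaled up. The result never drops below the floor and is rounded
    down to a multiple of step so it is easy to store and display.
    """
    per_iteration = time_derivation(floor) / floor
    estimate = int(target_seconds / per_iteration)
    return max(floor, (estimate // step) * step)


def pragma_for(iterations: int) -> str:
    """The SQLCipher statement named in the thread, accepting integers only."""
    if not isinstance(iterations, int) or iterations < 1:
        raise ValueError("iterations must be a positive integer")
    return f"PRAGMA kdf_iter = {iterations};"


if __name__ == "__main__":
    chosen = calibrate_iterations(target_seconds=0.5)
    print(f"{PAGE_ITERATIONS} iterations: {time_derivation(PAGE_ITERATIONS):.3f}s")
    print(f"calibrated for 0.5s: {chosen} -> {pragma_for(chosen)}")
```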