authorJoey Hess <joeyh@joeyh.name>2016-08-11 23:50:56 -0400
committerJoey Hess <joeyh@joeyh.name>2016-08-11 23:50:56 -0400
commit785a4c17686b2248a4c27e61564604a3999e9c22 (patch)
tree963b02a2afdff03f654adb22dd4a83c0c318e621
parent863393ab2c656759e1c225537f692961d70041dc (diff)
downloadkeysafe-785a4c17686b2248a4c27e61564604a3999e9c22.tar.gz
disable decryption puzzle, at least for now
It only adds 1 minute GPU time to each crack attempt, on top of the 10 minutes CPU time needed to argon2 the password. Since my implementation of the AES puzzle is currently really slow, this is not worth it. Will revisit when I have a faster AES library to use, or a better puzzle.
-rw-r--r--Tunables.hs13
-rw-r--r--keysafe.hs2
2 files changed, 8 insertions, 7 deletions
diff --git a/Tunables.hs b/Tunables.hs
index 1ecccf6..0053668 100644
--- a/Tunables.hs
+++ b/Tunables.hs
@@ -69,12 +69,11 @@ defaultTunables = Tunables
, objectSize = 1024*64 -- 64 kb
, expensiveHashTunable = UseArgon2 argonoptions argoncost
, encryptionTunable = UseAES256
- -- AES can be calculated more efficiently by a GPU, so the
- -- cost is a GPU cost.
- -- This is set to only 1 minute because GPUs are quite a lot
- -- faster than CPUs at AES, and so setting it higher would make
- -- clients too slow at key recovery.
- , decryptionPuzzleTunable = KeyBlindingLeftSide (GPUCost (Seconds 60))
+ -- Setting this to eg, Seconds 60 only makes each password
+ -- guess 60 seconds longer on a GPU. But, on a CPU, keysafe
+ -- has to work for quite a long time to solve such a puzzle.
+ -- So, currently disabling the puzzle with Seconds 0.
+ , decryptionPuzzleTunable = KeyBlindingLeftSide (GPUCost (Seconds 0))
}
where
argonoptions = Argon2.HashOptions
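Review bot: The new comment on `decryptionPuzzleTunable` gives the performance reason for `Seconds 0` but not the security consequence, which is that the only per-guess cost left is the argon2 hash configured in `expensiveHashTunable`. I would add a line such as `-- NOTE: with the puzzle disabled, resistance to password guessing rests entirely on expensiveHashTunable.` so that nobody later weakens the argon2 settings on the assumption that the puzzle still adds cost. The second hunk sets the same value in testModeTunables, so test mode presumably no longer exercises the key-blinding path at all; a small nonzero cost there would keep that code covered if its speed allows. How `Seconds 0` maps to a puzzle size is decided outside this hunk, and the body of defaultTunables continues past it.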
@@ -96,7 +95,7 @@ testModeTunables = Tunables
, objectSize = 1024*64
, expensiveHashTunable = UseArgon2 weakargonoptions argoncost
, encryptionTunable = UseAES256
- , decryptionPuzzleTunable = KeyBlindingLeftSide (GPUCost (Seconds 1))
+ , decryptionPuzzleTunable = KeyBlindingLeftSide (GPUCost (Seconds 0))
}
where
UseArgon2 argonoptions argoncost = expensiveHashTunable defaultTunables
diff --git a/keysafe.hs b/keysafe.hs
index 5179994..24ccc1f 100644
--- a/keysafe.hs
+++ b/keysafe.hs
@@ -57,6 +57,8 @@ retrievedemo = do
hFlush stdout
case decrypt kek esk of
-- TODO: verify checksum to avoid false positives
+ -- (It's working without it only because the
+ -- decryption puzzle is currently disabled.)
Just (SecretKey sk) -> print sk
Nothing -> go esk rest
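Review bot: The added comment admits that `Just (SecretKey sk) -> print sk` is only correct while the puzzle is disabled, which leaves a hidden coupling to `decryptionPuzzleTunable` in Tunables.hs. Once a nonzero cost is restored, a candidate key that decrypts to garbage would presumably be printed as the secret key. As far as this hunk shows, the `Just` result of `decrypt` is accepted without any integrity check, so a wrong password or a corrupted object is likely indistinguishable from success even now. I would make the TODO state the precondition, e.g. `-- TODO: verify a checksum/MAC of the decrypted key before accepting it; required before re-enabling the decryption puzzle`, and put a matching pointer next to the tunable. The body of retrievedemo starts and ends outside this hunk.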