author | Joey Hess <joeyh@joeyh.name> | 2016-08-11 22:19:30 -0400 |
---|---|---|
committer | Joey Hess <joeyh@joeyh.name> | 2016-08-11 22:19:30 -0400 |
commit | c295cceb01c45e7530022b1edde970f5fbbb03c1 (patch) | |
tree | c4060595adec4bdfc1f9cd882033e1935753eddd | |
parent | 7db612b232a0f8a98fa695da6f14853284def681 (diff) | |
download | keysafe-c295cceb01c45e7530022b1edde970f5fbbb03c1.tar.gz |
round-tripping now working, except for guessing the puzzle
-rw-r--r-- | Encryption.hs | 12 | ||||
-rw-r--r-- | Tunables.hs | 2 | ||||
-rw-r--r-- | keysafe.hs | 2 |
3 files changed, 9 insertions, 7 deletions
diff --git a/Encryption.hs b/Encryption.hs
index c712d98..8af25d4 100644
--- a/Encryption.hs
+++ b/Encryption.hs
@@ -119,15 +119,17 @@ sizePuzzleIV tunables = ceiling $ nbits / 8
 -- Add one bit of entropy, because a brute-force attack will
 -- on average succeed half-way through the search space.
 nbits :: Double
- nbits = logBase 2 (fromIntegral $ targetseconds * triespersecond) + 1
+ nbits
+ | targetseconds < 1 = 0
+ | otherwise = logBase 2 (fromIntegral $ targetseconds * triespersecond) + 1

 mkPuzzleIV :: Raaz.IV -> Int -> PuzzleIV
-mkPuzzleIV randomiv nbytes = PuzzleIV $
- fromMaybe (error "mkRandomIV fromByteString failed") $
- Raaz.fromByteString $ B.take nbytes b <> padding
+mkPuzzleIV randomiv nrand = PuzzleIV $
+ fromMaybe (error "mkPuzzleIV fromByteString failed") $
+ Raaz.fromByteString $ B.take nrand b <> padding
 where
 b = Raaz.toByteString randomiv
- padding = B.replicate (B.length b - nbytes) 0
+ padding = B.replicate (B.length b - nrand) 0

 genPuzzleIV :: Tunables -> IO PuzzleIV
 genPuzzleIV tunables = do
diff --git a/Tunables.hs b/Tunables.hs
index a2c5f52..18e3f84 100644
--- a/Tunables.hs
+++ b/Tunables.hs
@@ -95,7 +95,7 @@ testModeTunables = Tunables
 , objectSize = 1024*64
 , expensiveHashTunable = UseArgon2 weakargonoptions argoncost
 , encryptionTunable = UseAES256
- , decryptionPuzzleTunable = UsePuzzleIV (GPUCost (Seconds 1))
+ , decryptionPuzzleTunable = UsePuzzleIV (GPUCost (Seconds 0))
 }
 where
 UseArgon2 argonoptions argoncost = expensiveHashTunable defaultTunables
@@ -53,7 +53,7 @@ retrievedemo = do
 Just (SecretKey sk) -> print sk
 Nothing -> print ("Failed" :: String, esk)
 where
- password = Password "foo"
+ password = Password "correct horse battery staple"
 name = Name "bar"
 tunables = testModeTunables -- defaultTunables
 keyid = KeyId gpgKey "foobar" |
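Review bot: The new `targetseconds < 1` guard in `nbits` makes `sizePuzzleIV` return 0, and `mkPuzzleIV` with `nrand = 0` then builds an IV that is entirely zero padding, so the decryption puzzle silently disappears for any Tunables value with a sub-second cost, not only test mode. That consequence deserves a comment on the guard, e.g. `-- A target below one second disables the puzzle: zero random bytes, all-zero IV.` The guard also covers only `targetseconds`; `triespersecond` is bound outside the hunk, and if it can be 0 the `logBase 2 0` case still reaches `ceiling`. `mkPuzzleIV` likewise takes `nrand` unchecked, so a note such as `-- nrand is expected to lie between 0 and the IV length` would help callers. The where clause holding `nbits` starts outside the hunk, and `genPuzzleIV` continues past it.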
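Review bot: `Seconds 0` in `testModeTunables` removes the decryption puzzle from test mode altogether, so with this setting no test-mode run exercises puzzle guessing, which the commit title names as the part not yet working. If this is a temporary workaround, say so on the line, e.g. `-- TODO: restore a non-zero GPUCost once puzzle guessing works`. Together with `weakargonoptions` this appears to leave test mode with very little brute-force resistance, so a comment on the record stating that these tunables must never protect a real key would be worth adding. The record's opening fields are outside the hunk.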