author | Joey Hess <joeyh@joeyh.name> | 2016-08-07 18:49:15 -0400 |
---|---|---|
committer | Joey Hess <joeyh@joeyh.name> | 2016-08-07 18:51:09 -0400 |
commit | 07bd29a80ed36c63296214af34689d0cce14751f (patch) | |
tree | c22aa59dde551c5fb7f54f26e406c70dc441171f /Encryption.hs | |
parent | 6f2d6120533070ce48bbc1e12465d1f7d603aec8 (diff) | |
download | keysafe-07bd29a80ed36c63296214af34689d0cce14751f.tar.gz |
reorg, and working on serialization
Diffstat (limited to 'Encryption.hs')
-rw-r--r-- | Encryption.hs | 37 |
1 files changed, 19 insertions, 18 deletions
diff --git a/Encryption.hs b/Encryption.hs
index 50fa0fb..be0a234 100644
--- a/Encryption.hs
+++ b/Encryption.hs
@@ -4,9 +4,7 @@ module Encryption where
 import Types
 import Cost
-import Tunables
 import ExpensiveHash
-import Data.Word
 import Data.Bits
 import Data.Monoid
 import Data.Maybe
@@ -28,22 +26,23 @@ instance Bruteforceable KeyEncryptionKey UnknownPassword where -- | The ExpensiveHash of the Password is combined with a -- RandomObstacle to form the AES key. Combination method is logical OR. genKeyEncryptionKey :: Tunables -> KeyIdent -> Password -> IO KeyEncryptionKey -genKeyEncryptionKey tunables keyident password = do - ob@(RandomObstacle ok) <- genRandomObstacle tunables - -- Truncate the hash to the AES key length. - let truncatedhashb = B.take (B.length (toByteString ok)) hashb - let k = fromMaybe (error "genKeyEncryptionKey fromByteString failed") $ - fromByteString truncatedhashb - let strongk = mixinRandomObstacle ob k - return $ KeyEncryptionKey strongk decryptcost bruteforcecalc +genKeyEncryptionKey tunables keyident password = case decryptionPuzzleTunable tunables of + KeyBlindingLeftSide puzzlecost -> do + ob@(RandomObstacle ok) <- genRandomObstacle tunables + -- Truncate the hash to the AES key length. + let truncatedhashb = B.take (B.length (toByteString ok)) hashb + let k = fromMaybe (error "genKeyEncryptionKey fromByteString failed") $ + fromByteString truncatedhashb + let strongk = mixinRandomObstacle ob k + let decryptcost = CombinedCost puzzlecost (castCost hashcost) + -- To brute force data encrypted with this key, + -- an attacker needs to pay the decryptcost for + -- each password checked. + let bruteforcecalc = bruteForceLinearSearch decryptcost + return $ KeyEncryptionKey strongk decryptcost bruteforcecalc where (ExpensiveHash hashcost hashb) = expensiveHash tunables salt password salt = Salt keyident - decryptcost = CombinedCost (decryptionPuzzleCost tunables) (castCost hashcost) - -- To brute force data encrypted with this key, - -- an attacker needs to pay the decryptcost for each password - -- checked. - bruteforcecalc = bruteForceLinearSearch decryptcost -- | A random value which can be mixed into an AES key to -- require decrypting it to perform some brute-force work. 
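Review bot: The `error "genKeyEncryptionKey fromByteString failed"` fallback in the new `KeyBlindingLeftSide` branch sits in a lazy `let`, so a failed conversion is not raised here but whenever `strongk` is first forced, which may be far from key generation. `B.take` also returns fewer bytes without complaint when `hashb` is shorter than the obstacle key, and that appears to be the case the fallback guards against (the hash length is decided by `expensiveHash`, which is outside the hunk). Binding the key inside the `do` block makes the failure surface at the point of derivation: `k <- maybe (fail "genKeyEncryptionKey: hash shorter than AES key") return (fromByteString truncatedhashb)`. The `case` has a single alternative, so any constructor later added to the puzzle tunable type will need its own branch here.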
@@ -67,11 +66,13 @@ sizeRandomObstacle tunables = ceiling $ nbits / 8 -- in 2016, a GPU can run AES at 10 GB/s. bytespersecond = 10*1024*1024*1024 triespersecond = bytespersecond `div` fromIntegral (objectSize tunables) - targetseconds = case decryptionPuzzleCost tunables of - GPUCost (Seconds n) -> n - _ -> error "decryptionPuzzleCost must be a GPUCost" + targetseconds = case decryptionPuzzleTunable tunables of + KeyBlindingLeftSide cost -> case cost of + GPUCost (Seconds n) -> n + _ -> error "decryptionPuzzleCost must be a GPUCost" -- Add one bit of entropy, because a brute-force attack will -- on average succeed half-way through the search space. + nbits :: Double nbits = logBase 2 (fromIntegral $ targetseconds * triespersecond) + 1 mkRandomObstacle :: AES.KEY256 -> Int -> AES.KEY256 |
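Review bot: `nbits` is not guarded against a zero product: if `targetseconds * triespersecond` is 0 (a `Seconds 0` tunable, or an `objectSize` larger than `bytespersecond` so that the `div` rounds down to 0), `logBase 2 0` is `-Infinity` and the `ceiling` in `sizeRandomObstacle` no longer yields a meaningful byte count. Since this value sizes the brute-force obstacle, it is safer to reject such tunables explicitly, for example `tries = targetseconds * triespersecond` followed by `nbits | tries < 1 = error "sizeRandomObstacle: tunables give no brute-force work" | otherwise = logBase 2 (fromIntegral tries) + 1`. The message in the nested `case` still names `decryptionPuzzleCost`, which this commit replaces with `decryptionPuzzleTunable`. The start of the `where` block is outside the hunk.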