diff options
| author | Joey Hess <joeyh@joeyh.name> | 2016-08-30 14:12:22 -0400 |
|---|---|---|
| committer | Joey Hess <joeyh@joeyh.name> | 2016-08-30 14:12:25 -0400 |
| commit | fe975ad122c77b4936f3e28c868b056fdaf2f842 (patch) | |
| tree | 3b1816d9820720c87acc3d08adcff798f53381ca /TODO | |
| parent | 62a97cabd895001d4dc552823633aabe53d54358 (diff) | |
| download | keysafe-fe975ad122c77b4936f3e28c868b056fdaf2f842.tar.gz | |
Tuned argon2 hash parameters on better hardware than my fanless laptop.
Used a Purism Librem 13. The name generation hash was already ok,
but the key encryption key hash was quite off.
This is not a total blazing top of the line server, but that's ok;
keysafe's hashes are intended to be tuned for commodity hardware.
It should not take a user more than an hour to restore a key.
The spotAWS value is adjusted because AWS's c4.8xlarge instances run at
up to 3.5Ghz, compared with the 2.20Ghz of the Librem 13. Basically
it's one Moore's doubling ahead of the reference laptop.
Diffstat (limited to 'TODO')
| -rw-r--r-- | TODO | 1 |
1 files changed, 0 insertions, 1 deletions
@@ -1,5 +1,4 @@ * test suite (eg, test basic storage and restore of various size data) -* tune hashes on more powerful hardware than thermal throttling laptop * improve restore progress bar points (update after every hash try) * If we retrieved enough shares successfully, but decrypt failed, must be a wrong password, so prompt for re-entry and retry with those shares. |