authorJoey Hess <joeyh@joeyh.name>2016-08-11 23:46:42 -0400
committerJoey Hess <joeyh@joeyh.name>2016-08-11 23:46:42 -0400
commit863393ab2c656759e1c225537f692961d70041dc (patch)
tree355a249c9931196887b4b7286b059d62beee02d2 /Tunables.hs
parent891347401d603ded3db2efe3a67cd289ada08cb0 (diff)
downloadkeysafe-863393ab2c656759e1c225537f692961d70041dc.tar.gz
don't use IV as puzzle after all
It is not a good idea to use the IV as the puzzle, because all the parts of the IV that are 0 will not obscure the data in the first block at all. Instead, sha256 the password to generate the IV, and keep the puzzle as part of the key.
Diffstat (limited to 'Tunables.hs')
-rw-r--r--Tunables.hs6
1 files changed, 3 insertions, 3 deletions
diff --git a/Tunables.hs b/Tunables.hs
index ab170a5..1ecccf6 100644
--- a/Tunables.hs
+++ b/Tunables.hs
@@ -60,7 +60,7 @@ data EncryptionTunable = UseAES256
deriving (Show)
-- | An additional puzzle that makes decryption more expensive.
-data DecryptionPuzzleTunable = UsePuzzleIV (Cost DecryptionOp)
+data DecryptionPuzzleTunable = KeyBlindingLeftSide (Cost DecryptionOp)
deriving (Show)
defaultTunables :: Tunables
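Review bot: The Haddock comment above `DecryptionPuzzleTunable` does not explain the new constructor name `KeyBlindingLeftSide`; it still says only that the puzzle makes decryption more expensive. The reasoning lives only in the commit message (the puzzle is kept as part of the key, and the IV is generated from a sha256 of the password because zero parts of an IV do not obscure the first block), so a reader of Tunables.hs cannot tell why the IV must not be used here. I would extend the comment with something like `-- The puzzle is kept as part of the key rather than the IV; the Cost is the work needed to solve it.` Presumably "left side" names which portion of the key has to be guessed; that should be confirmed against the encryption code and stated in the comment. The same constructor is used for `decryptionPuzzleTunable` in `defaultTunables` and `testModeTunables` in the two later hunks.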
@@ -74,7 +74,7 @@ defaultTunables = Tunables
-- This is set to only 1 minute because GPUs are quite a lot
-- faster than CPUs at AES, and so setting it higher would make
-- clients too slow at key recovery.
- , decryptionPuzzleTunable = UsePuzzleIV (GPUCost (Seconds 60))
+ , decryptionPuzzleTunable = KeyBlindingLeftSide (GPUCost (Seconds 60))
}
where
argonoptions = Argon2.HashOptions
@@ -96,7 +96,7 @@ testModeTunables = Tunables
, objectSize = 1024*64
, expensiveHashTunable = UseArgon2 weakargonoptions argoncost
, encryptionTunable = UseAES256
- , decryptionPuzzleTunable = UsePuzzleIV (GPUCost (Seconds 1))
+ , decryptionPuzzleTunable = KeyBlindingLeftSide (GPUCost (Seconds 1))
}
where
UseArgon2 argonoptions argoncost = expensiveHashTunable defaultTunables