Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | implement client-server Proof Of Work | Joey Hess | 2016-09-12 |
| | | | | | | | | | | | | | | | | | | | Mashed up a argon2-based PoW with token buckets and bloom filters. This is intended to prevent a few abuses including: * Using a keysafe server for general file storage, by storing a whole lot of chunks. * An attacker guessing names that people will use, and uploading junk to keysafe servers under those names, to make it harder for others to use keysafe later. * An attacker trying to guess the names used for objects on keysafe servers in order to download them and start password cracking. (As a second level of defense, since the name generation hash is expensive already.) Completely untested, but it builds! This commit was sponsored by Andreas on Patreon. | ||
* | comment | Joey Hess | 2016-08-31 |
| | |||
* | make sure to hash a different value each time, to avoid any laziness issues | Joey Hess | 2016-08-30 |
| | |||
* | Improve time estimates, taking into account the number of cores. | Joey Hess | 2016-08-30 |
| | | | | | This only affects time estimates while keysafe is generating hashes; it does not affect cost estimates to brute-force. | ||
* | fix calculation of usedcores | Joey Hess | 2016-08-30 |
| | |||
* | rename var | Joey Hess | 2016-08-30 |
| | |||
* | oops | Joey Hess | 2016-08-30 |
| | |||
* | fence post | Joey Hess | 2016-08-30 |
| | |||
* | use number of physical cores, not including hyper-threading | Joey Hess | 2016-08-30 |
| | | | | CPUCost is per physical core | ||
* | show estimate for all rounds | Joey Hess | 2016-08-30 |
| | |||
* | improve calcuation of expected time for the key encryption key hash | Joey Hess | 2016-08-30 |
| | | | | Take randomSaltBytes into account rather than hardcoding | ||
* | adjust benchmark expected time based on the host's number of cores | Joey Hess | 2016-08-30 |
| | | | | | | The goal of benchmarking the expensive hash is to get an accurate time estimate for a single CPU, but argon2 uses 4 threads, so on a machine with 4 cores, it should only take a quarter as long. | ||
* | more polishing | Joey Hess | 2016-08-19 |
| | |||
* | add progress bars to restore | Joey Hess | 2016-08-17 |
| | | | | also, restore actually works! | ||
* | improve options to select secret key to backup/restore | Joey Hess | 2016-08-16 |
| | |||
* | add --benchmark | Joey Hess | 2016-08-16 |
| | |||
* | switch to random salt byte to make decryption expensive | Joey Hess | 2016-08-16 |
| | |||
* | inline slightly modified version of secret-sharing | Joey Hess | 2016-08-11 |
| | | | | | Needed for efficient serialization of shares, unless upstream takes my suggestion to make the finite field be size 256. | ||
* | nearly able to generate shards now | Joey Hess | 2016-08-11 |
| | |||
* | types for new version storage scheme | Joey Hess | 2016-08-10 |
| | |||
* | reorg, and working on serialization | Joey Hess | 2016-08-07 |
| | |||
* | more cost calculation and refactored Tunables | Joey Hess | 2016-08-06 |
| | |||
* | some basic data types and expensive hashing | Joey Hess | 2016-08-06 |