Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for the Argon2 password hashing algorithm #65

Closed
mutablestate opened this issue Jan 9, 2016 · 8 comments
Closed

Support for the Argon2 password hashing algorithm #65

mutablestate opened this issue Jan 9, 2016 · 8 comments
Assignees
@riverrun
Labels
suggestion

Comments

@mutablestate
Copy link
Contributor

Proposal to implement Argon2 support from Comeonin.

Why? Recommended by the PHC over 23 other submissions and regarded as the successor to bcrypt.

Technical details

There are 2 variants of the algorithm with Argon2i being more suited to password hashing.

"Argon2i uses data-independent memory access, which is preferred for password hashing and password-based key derivation. Argon2i is slower as it makes more passes over the memory to protect from tradeoff attacks."

"Argon2d is faster and uses data-depending memory access, which makes it suitable for cryptocurrencies and applications with no threats from side-channel timing attacks."

Specifications PDF
Argon2 and Egalitarian Computing (slides)
Password Hashing Competition
Argon2 GitHub repo
@riverrun
Copy link
Owner

From a long-term point of view, I'm obviously very interested in the Argon2 project, but I do not feel that bcrypt or pbkdf2 will become obsolete any time soon, and so it's not high on my list of my priorities.
At the moment, I'm going to find out more about it, and if I have time, I will implement it as a separate library (Elixir or Erlang), after which I can think about the viability of merging it with Comeonin.

@seanabrahams
Copy link

I like your "take it slow" approach here with Argon2, but if the results are to be believed you may want to update the following line in the README: Comeonin uses the most secure, up-to-date hashing schemes.

Maybe add a note about Argon2, Comeonin uses the most secure, up-to-date hashing schemes (Argon2 support TBA. See https://github.com/elixircnx/comeonin/issues/65).

@riverrun
Copy link
Owner

I'll add a note to the README, and I'll leave this issue open so that other people can add their comments to this discussion.

@riverrun riverrun assigned riverrun and unassigned mutablestate Jan 14, 2016
@drewblas
Copy link

I too like the "take it slow" approach. Argon2i being so new it's still being analyzed by those outside of the PHC group. For example, there are already small attacks against it being found: http://permalink.gmane.org/gmane.comp.security.phc/3606

@riverrun
Copy link
Owner

Thanks for the info.

@riverrun
Copy link
Owner

I've started work on an Elixir implementation of Argon2. It should be ready for people to try it out within a few days.

I'm going to maintain it as a separate library at the moment, and we'll see how things go.

@riverrun
Copy link
Owner

riverrun commented Dec 3, 2016

Closing this issue in favor of giving more information in the README and main Comeonin module docs.
There is also now an Argon2 page in the wiki.

@riverrun riverrun closed this as completed Dec 3, 2016
@riverrun
Copy link
Owner

Update: according to the current plans, Argon2 will be supported as an optional dependency (all the algorithms will be optional) in version 4. See the version_4 branch to see the initial work on this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@riverrun riverrun

Labels
suggestion
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@drewblas @seanabrahams @riverrun @mutablestate