Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Zerobinpaste updates: seed prng from /dev/(u)random, shorter keys #41
Finally got around to poke js for alternative encryption methods and haven't really found anything marginally better to justify the effort of swapping the current scheme - shorter keys can already be fairly safe due to pbkdf2 in place (though 1k iterations isn't much at all).
What I found however is that sjcl doesn't seem to be written with node.js in mind and its
118b0ce uses much shorter 48-bit keys (8 chars), still allowing user to configure arbitrarily-longer ones (should be easy to do via
Combined with cb8e52b (will open separate PR), urls go from this:
As these keys are purely client-side, there should be no compatibility issues of any kind.