[PATCH 07/10] password: add pbkdf2 support

Jean-Christophe PLAGNIOL-VILLARD plagnioj at jcrosoft.com
Mon Mar 16 04:52:04 PDT 2015


On 12:41 Mon 16 Mar     , Jan Lübbe wrote:
> On Mo, 2015-03-16 at 12:25 +0100, Jean-Christophe PLAGNIOL-VILLARD wrote:
> > > Yes, definitely. We must use the algorithms as they are intended to be
> > > used.
> > > 
> > > If we try to move users away from RSA2048 because it will be vulnerable
> > > in the future, we should not go against established practice for
> > > password salts by hard-coding it. 
> > I'm not against it but with the barebox entropy did not see the point to use
> > it.
> > 
> > so how do we generate the salt? what length
> > 
> > Personnaly I'll prefer
> > 
> > a random 64 bytes | sha256 | take first 32bytes. | pbkdf2 10000 round
> 
> Running SHA-256 on random data is useless for security.
SHA256 is to improve the entrpopy not security
> Just get
> <hash-size> bytes from /dev/urandom on the host. We could generate a
> file with the compile-time SALT which is then included.
> 
> On the running barebox, we could use SHA to hash the old password file
> together with the current timer value. At least until we have something
> better.
> 
> > result a 64 bytes password file <salt 32 byes><key 32 bytes>
> 
> Yes. As we select the algorithm at compile time, we don't the to save it
> in the file.

this is for barebox as we may not have any passwd file

Best Regards,
J.
> 
> Regards,
> Jan
> -- 
> Pengutronix e.K.                           |                             |
> Industrial Linux Solutions                 | http://www.pengutronix.de/  |
> Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0    |
> Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |
> 



More information about the barebox mailing list