[messaging] Secure OpenPGP Key Pair Synchronization via IMAP (RFC)
Tankred Hase
tankred at whiteout.io
Fri Apr 10 01:38:47 PDT 2015
Hi Daniel,

> Is there reason why you've tied the number of PBKDF2 iterations to the
> version number? Other frameworks like Django separate out the number
> of iterations so that the default can be increased over time without
> having to make new versions[1].

Good point. We could store the number of iterations in the stored
packet. That way it would be more flexible.

> Also, in the same vein, Django's default is 24,000 iterations[2].
> LastPass uses 100,000[3]. Any particular reason you settled on 10,000?

The "password" being stretched is a 24-char code generated with a
PRNG, so I'm not sure how much entropy more iterations would add. We
chose 10k mainly due to the performance constraints of JS runtimes.

Tankred
--
Whiteout Networks GmbH c/o Werk1
Grafinger Str. 6
D-81671 München
Geschäftsführer: Oliver Gajek
RG München HRB 204479
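
Added example, not part of the original message and not Whiteout's code: one way to carry the PBKDF2 iteration count inside the stored packet, as proposed above, so the default can change without a new format version. The byte layout, the function names, the upper bound, HMAC-SHA-256 and the 32-byte key length are all assumptions made for this sketch.

```javascript
const crypto = require("crypto");

// Assumed layout (hypothetical, not Whiteout's format):
// [version:1][iterations:uint32 BE][saltLen:1][salt][encrypted key material]
const VERSION = 1;
const MIN_ITERATIONS = 10000;   // the figure from the thread, used here as a floor
const MAX_ITERATIONS = 1000000; // assumed ceiling so a packet cannot demand unbounded work

function encodePacket(iterations, salt, body) {
  if (!Number.isInteger(iterations) || iterations < MIN_ITERATIONS || iterations > MAX_ITERATIONS) {
    throw new RangeError("iterations out of range");
  }
  if (salt.length === 0 || salt.length > 255) throw new RangeError("bad salt length");
  const header = Buffer.alloc(6);
  header.writeUInt8(VERSION, 0);
  header.writeUInt32BE(iterations, 1);
  header.writeUInt8(salt.length, 5);
  return Buffer.concat([header, salt, body]);
}

function decodePacket(packet) {
  if (packet.length < 6) throw new Error("truncated header");
  if (packet.readUInt8(0) !== VERSION) throw new Error("unsupported version");
  const iterations = packet.readUInt32BE(1);
  // The packet is fetched from the IMAP server, so the count is untrusted input.
  if (iterations < MIN_ITERATIONS || iterations > MAX_ITERATIONS) {
    throw new RangeError("iterations out of range");
  }
  const saltLen = packet.readUInt8(5);
  if (saltLen === 0 || packet.length < 6 + saltLen) throw new Error("truncated salt");
  return {
    iterations,
    salt: packet.subarray(6, 6 + saltLen),
    body: packet.subarray(6 + saltLen),
  };
}

// Stretch the backup code with the parameters read from the packet.
function deriveKey(code, params) {
  return crypto.pbkdf2Sync(code, params.salt, params.iterations, 32, "sha256");
}

// Constructed sample values, for illustration only.
const SAMPLE_PACKET = encodePacket(
  24000,
  Buffer.from("00112233445566778899aabbccddeeff", "hex"),
  Buffer.from("ciphertext")
);
```

Because the count is read back from the packet, a client that later raises its default can still open packets written with the older value, as long as that value is within the accepted range.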