*** Markus Teich [2018-03-10 21:29]:
>You are correct that it doesn't hurt to add a MAC. I was thinking it wouldn't
>make sense to authenticate to myself. Could you point me to an attack
>scenario
>where not having a MAC in this scheme is bad?
Actually I can not. Well, those data could be forged b
Am 2018-03-11 01:48, schrieb Sergey Matveev:
*** Markus Teich [2018-03-10 17:09]:
I don't know crypto_argon2i. I'd use the standardized HKDF2 scheme to
derive
the key.
HKDF algorithm is not aimed to be used with passwords. It is ok to be
used with Diffie-Hellman outputs for example. Password-
Am 2018-03-11 04:21, schrieb Anselm Garbe:
On 10 March 2018 at 06:08, Markus Teich
wrote:
Should be fine, but the salt should not be secret (you need to sync it
between devices where you want to use this system after all). The
point is
that you can give your encrypted database as it is stored
Hi Markus,
On 10 March 2018 at 06:08, Markus Teich wrote:
> Should be fine, but the salt should not be secret (you need to sync it
> between devices where you want to use this system after all). The point is
> that you can give your encrypted database as it is stored on disk to anyone
> and they
*** Markus Teich [2018-03-10 17:09]:
>I don't know crypto_argon2i. I'd use the standardized HKDF2 scheme to derive
>the key.
HKDF algorithm is not aimed to be used with passwords. It is ok to be
used with Diffie-Hellman outputs for example. Password-derived keys are
required (ideally) to use CPU a
*** Michael Forney [2018-03-08 22:10]:
>I'm no expert either (so follow this at your own risk), but I also did
>some investigation, and I think either of the following schemes would
>work:
>(1)
This scheme seems ok and some kind of classical one. Simple and working.
>It's not clear to me if it's
(1)
Setup:
- Generate a random salt and store somewhere safe.
Note that it should not be required to keep the salt secret.
Encryption:
- Read the salt from its location and the master password from the
console. Use those to generate a key with crypto_argon2i.
I don't know crypto_argon2i. I'd
