[tahoe-dev] convergent encryption reconsidered -- salting and key-strengthening
Ben Laurie
ben at links.org
Mon Mar 31 01:19:15 PDT 2008
zooko wrote:
> Think of it like this:
>
> Passwords are susceptible to brute-force and/or dictionary attack.
> We can't, in general, prevent attackers from trying guesses at our
> passwords without also preventing users from using them, so instead
> we employ various techniques:
>
> * salts (to break up the space of targets into subspaces, of which
> at most one can be targeted by a given brute-force attack)
> * key strengthening (to increase by a constant factor the cost of
> checking a password)
> * rate-limits for on-line tries (i.e., you get only a small fixed
> number of wrong guesses in a row before you are locked out for a time-
> out period)
You forgot:
* stronger passwords
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.links.org/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
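The first two mitigations in the quoted list (salt and key strengthening) applied to convergent-encryption key derivation, shown beside the plain, unsalted form. This is an added illustration, not Tahoe's own code: the secret is constructed, and the iteration count and 16-byte key length are assumptions.

```python
import hashlib
import os

# Assumed cost factor for key strengthening; raise it to make each
# candidate-plaintext check proportionally more expensive.
STRETCH_ITERATIONS = 100_000
KEY_LEN = 16


def plain_convergence_key(plaintext: bytes) -> bytes:
    """Unsalted, unstretched convergent key: anyone who can guess the
    plaintext can recompute this key with one cheap hash."""
    return hashlib.sha256(plaintext).digest()[:KEY_LEN]


def salted_convergence_key(plaintext: bytes, convergence_secret: bytes) -> bytes:
    """Salted and strengthened convergent key.

    The convergence secret plays the role of the salt: parties that share
    it derive the same key for the same file (so they can still deduplicate),
    while parties with different secrets sit in different subspaces, so one
    guessing pass cannot target them all. PBKDF2 supplies the constant-factor
    stretching. Rate-limiting of on-line tries is outside this function.
    """
    file_hash = hashlib.sha256(plaintext).digest()
    return hashlib.pbkdf2_hmac(
        "sha256", file_hash, convergence_secret, STRETCH_ITERATIONS, dklen=KEY_LEN
    )


def can_deduplicate(plaintext: bytes, secret_a: bytes, secret_b: bytes) -> bool:
    """True only when two parties derive the same key for the same file,
    i.e. when they share the convergence secret."""
    return salted_convergence_key(plaintext, secret_a) == salted_convergence_key(plaintext, secret_b)


if __name__ == "__main__":
    # Constructed sample inputs.
    doc = b"tax return 2007, SSN 000-00-0000"
    alice = b"alice-convergence-secret"
    bob = b"bob-convergence-secret"
    print("plain key shared by everyone:", plain_convergence_key(doc).hex())
    print("alice vs alice dedup:", can_deduplicate(doc, alice, alice))
    print("alice vs bob dedup:  ", can_deduplicate(doc, alice, bob))
```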