[tahoe-dev] Idea for a Publish/Subscribe Message System on Tahoe-LAFS
James A. Donald
jamesd at echeque.com
Sun Apr 8 23:26:58 UTC 2012
On 2012-04-09 7:13 AM, Shawn Willden wrote:
> I find that strip rather disappointing (even after correcting the URL so it
> works). Munroe usually does his homework better than that. 44 bits of
> entropy really isn't very much these days, and his estimate of 550 years to
> guess assumes a 1000 passwords per second testing rate, which is at least
> three orders of magnitude too low -- for a single CPU.
Not so: Rather, two orders of magnitude too high.
Normally, in systems potentially subject to offline attack, the
programmer has a slow and elaborate system for deriving the key from the
passphrase.
The key derivation should take around a third of a second or so if done
on the same system on which the encryption was done, so the offline
attack typically can do three passwords per second, more if the offline
attack is done on a powerful system, but a thousand passwords per second
is very powerful attack system.
In systems subject to online attack, the server should penalize the ip
address, the entire group of ip addresses, and the username for each
wrong guess with slower and slower service.
More information about the tahoe-dev
mailing list