Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

R4R: Bcrypt investigations / benchmarks #3638

Merged
merged 4 commits into from
Feb 13, 2019
Merged

R4R: Bcrypt investigations / benchmarks #3638

merged 4 commits into from
Feb 13, 2019

Conversation

cwgoes
Copy link
Contributor

@cwgoes cwgoes commented Feb 13, 2019
edited
Loading

Closes #3547

  • Linked to github-issue with discussion and accepted design OR link to spec that describes this work.
  • Wrote tests
  • Updated relevant documentation (docs/)
  • Added entries in PENDING.md with issue #
  • rereviewed Files changed in the github PR explorer

For Admin Use:

  • Added appropriate labels to PR (ex. wip, ready-for-review, docs)
  • Reviewers Assigned
  • Squashed all commits, uses message "Merge pull request #XYZ: [title]" (coding standards)

@cwgoes cwgoes added WIP C:Keys Keybase, KMS and HSMs C:Crypto labels Feb 13, 2019
@cwgoes
Copy link
Contributor Author

cwgoes commented Feb 13, 2019
edited
Loading

Some decent resources on security parameter choice are here and here.

Based on reading those and our current threat model (only a process on the client's machine with access to ~/.gaiacli could copy the encrypted keys and try to brute force them), I think our current security parameter of 12, which takes about a quarter of a second to generate a key from a password, is sufficient for now.

(I've added this to a README.md in the associated directory for future reference)

@cwgoes cwgoes changed the title WIP: Bcrypt investigations / benchmarks R4R: Bcrypt investigations / benchmarks Feb 13, 2019
@codecov
Copy link

codecov bot commented Feb 13, 2019
edited
Loading

Codecov Report

Merging #3638 into develop will decrease coverage by 0.29%.
The diff coverage is n/a.

@@            Coverage Diff            @@
##           develop   #3638     +/-   ##
=========================================
- Coverage    61.29%     61%   -0.3%     
=========================================
  Files          186     187      +1     
  Lines        13998   14065     +67     
=========================================
  Hits          8580    8580             
- Misses        4874    4941     +67     
  Partials       544     544

alexanderbez
alexanderbez suggested changes Feb 13, 2019
View reviewed changes
crypto/keys/mintkey/README.md Outdated Show resolved Hide resolved
crypto/keys/mintkey/README.md Show resolved Hide resolved
jackzampolin
jackzampolin approved these changes Feb 13, 2019
View reviewed changes
Copy link
Member

@jackzampolin jackzampolin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice an clean 👌

@jackzampolin jackzampolin merged commit c9a1c8a into develop Feb 13, 2019
@jackzampolin jackzampolin deleted the cwgoes/bcrypt-investigations branch February 13, 2019 16:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alexanderbez alexanderbez alexanderbez approved these changes

@jackzampolin jackzampolin jackzampolin approved these changes

@ebuchman ebuchman Awaiting requested review from ebuchman

@rigelrozanski rigelrozanski Awaiting requested review from rigelrozanski

Assignees
No one assigned
Labels
C:Crypto C:Keys Keybase, KMS and HSMs
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@cwgoes @alexanderbez @jackzampolin