Conversation

jgrandja
Contributor

@jgrandja jgrandja commented Oct 3, 2022

Closes gh-10489

@jgrandja jgrandja added status: duplicate A duplicate of another issue in: crypto An issue in spring-security-crypto type: bug A general bug labels Oct 3, 2022
@jgrandja jgrandja added this to the 6.0.0-RC1 milestone Oct 3, 2022
@jgrandja jgrandja self-assigned this Oct 3, 2022
@jgrandja jgrandja requested a review from rwinch October 3, 2022 21:57

The recommended minimums for Argon2, as per OWASP Cheat Sheet Series (https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html), are:
Use Argon2id with a minimum configuration of 15 MiB of memory, an iteration count of 2, and 1 degree of parallelism.

Previous default configuration:
memory=4, iterations=3, parallelism=1

New default configuration:
memory=16, iterations=2, parallelism=1

Issue spring-projectsgh-10506

The recommended minimums for scrypt, as per OWASP Cheat Sheet Series (https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html), are:
Use scrypt with a minimum CPU/memory cost parameter of (2^16), a minimum block size of 8 (1024 bytes), and a parallelization parameter of 1.

Previous default configuration:
cpuCost=16384, memoryCost=8, parallelism=1

New default configuration:
cpuCost=65536, memoryCost=8, parallelism=1

The default salt length was also updated from 64 to 16.

Issue spring-projectsgh-10506

The recommended minimums for PBKDF2, as per OWASP Cheat Sheet Series (https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html), are:
If FIPS-140 compliance is required, use PBKDF2 with a work factor of 310,000 or more and set with an internal hash function of HMAC-SHA-256.

Previous default configuration:
algorithm=SHA1, iterations=185000, hashLength=256

New default configuration:
algorithm=SHA256, iterations=310000, hashLength=256

The default salt length was also updated from 8 to 16.

Issue spring-projectsgh-10506
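An added example, not part of this PR or of Spring Security: a defender-side audit of stored password hashes against the minimums these commits adopt, so accounts still hashed under the old defaults can be rehashed on their next login. It assumes the encoded formats Spring's encoders write (the standard PHC string for Argon2, `$<hex params>$<salt>$<hash>` for scrypt, hex(salt||key) for PBKDF2); the salt and hash fields in the samples are constructed placeholders.

```python
import re

# Minimums adopted by the commits above (OWASP Password Storage Cheat Sheet); memory in KiB.
ARGON2_MIN_MEMORY_KIB, ARGON2_MIN_ITERATIONS = 15 * 1024, 2   # new Spring default is 16 MiB
SCRYPT_MIN_CPU_COST, SCRYPT_MIN_BLOCK_SIZE = 2 ** 16, 8
PBKDF2_NEW_SALT_BYTES = 16                                     # the old Spring default was 8

# Standard PHC string as written by Argon2PasswordEncoder: $argon2id$v=19$m=..,t=..,p=..$salt$hash
ARGON2_RE = re.compile(r"\$(argon2(?:id|i|d))\$v=\d+\$m=(\d+),t=(\d+),p=(\d+)\$[^$]+\$[^$]+")

def argon2_params(encoded):
    """Return (variant, memory_kib, iterations, parallelism) from an Argon2 PHC string."""
    match = ARGON2_RE.fullmatch(encoded)
    if not match:
        raise ValueError("not an Argon2 encoded hash")
    return match[1], int(match[2]), int(match[3]), int(match[4])

def spring_scrypt_params(encoded):
    """Return (cpu_cost, block_size, parallelism) from Spring's '$<hex>$<salt>$<hash>' format."""
    # Assumption: the hex field packs log2(cpuCost) << 16 | memoryCost << 8 | parallelization.
    parts = encoded.split("$")
    if len(parts) != 4 or parts[0] != "":
        raise ValueError("not a Spring scrypt encoded hash")
    packed = int(parts[1], 16)
    return 2 ** ((packed >> 16) & 0xFFFF), (packed >> 8) & 0xFF, packed & 0xFF

def needs_upgrade(encoded):
    """True when the stored hash was produced below the new minimums (rehash on next login)."""
    if encoded.startswith("$argon2"):
        variant, memory_kib, iterations, parallelism = argon2_params(encoded)
        return (variant != "argon2id" or memory_kib < ARGON2_MIN_MEMORY_KIB
                or iterations < ARGON2_MIN_ITERATIONS or parallelism < 1)
    if encoded.startswith("$"):
        cpu_cost, block_size, parallelism = spring_scrypt_params(encoded)
        return cpu_cost < SCRYPT_MIN_CPU_COST or block_size < SCRYPT_MIN_BLOCK_SIZE or parallelism < 1
    # PBKDF2: Spring stores hex(salt || key) with no parameters, so iterations and PRF cannot be
    # recovered; with the default 256-bit key only the salt size shows (8 B -> 80 hex, 16 B -> 96).
    if re.fullmatch(r"[0-9a-fA-F]+", encoded) and len(encoded) % 2 == 0:
        return len(encoded) // 2 - 32 < PBKDF2_NEW_SALT_BYTES     # heuristic, not proof
    raise ValueError("unrecognised password hash encoding")

def audit(hashes):
    return sorted(uid for uid, enc in hashes.items() if needs_upgrade(enc))

SAMPLE_HASHES = {  # constructed: parameter fields are realistic, salt/hash fields are dummies
    "alice": "$argon2id$v=19$m=4096,t=3,p=1$c2FsdHNhbHRzYWx0c2Fs$aGFzaGhhc2g",  # old Argon2 defaults
    "bob": "$argon2id$v=19$m=16384,t=2,p=1$c2FsdHNhbHRzYWx0c2Fs$aGFzaGhhc2g",   # new Argon2 defaults
    "carol": "$e0801$c2FsdHNhbHRzYWx0c2FsdA==$aGFzaGhhc2hoYXNoaGFzaA==",        # old scrypt: N=2^14
    "erin": "ab" * 40,                                                          # PBKDF2, 8-byte salt
}
```

`audit(SAMPLE_HASHES)` returns the ids still on legacy parameters; Spring's own encoders expose the same decision through `upgradeEncoding`, which is the hook to drive rehashing in a running application.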
@jgrandja jgrandja force-pushed the gh-10489-pbkdf2-derive-hash-length branch from 8fc40bf to b6cda4f Compare October 4, 2022 13:09
@jgrandja
Contributor Author

jgrandja commented Oct 5, 2022

Closing in favour of gh-11904

@jgrandja jgrandja closed this Oct 5, 2022
@jgrandja jgrandja removed this from the 6.0.0-RC1 milestone Oct 5, 2022
@jgrandja jgrandja deleted the gh-10489-pbkdf2-derive-hash-length branch October 5, 2022 20:50

Development

Successfully merging this pull request may close these issues.

Update default configuration for Pbkdf2PasswordEncoder