search

ArweaveTeam / arweave-js

Browser and Nodejs client for general interaction with the arweave protocol and gateways
MIT License
594 stars 129 forks source link

Security: parameterize `Arweave.crypto.{encrypt|decrypt}` PBKDF2 iterations #175

Open elliotsayes opened 2 years ago

elliotsayes commented 2 years ago

From node-driver.ts, NodeCryptoDriver.encrypt:

const derivedKey = crypto.pbkdf2Sync(
  key,
  (salt = salt ? salt : "salt"),
  100000,
  32,
  this.hashAlgorithm
);

Specifies a hardcoded 100,000 iterations. However, OWASP recommends 310,000 iterations for PBKDF2-HMAC-SHA256:

The work factor for PBKDF2 is implemented through an iteration count, which should set differently based on the internal hashing algorithm used.

PBKDF2-HMAC-SHA1: 720,000 iterations
PBKDF2-HMAC-SHA256: 310,000 iterations
PBKDF2-HMAC-SHA512: 120,000 iterations

source: https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pbkdf2

The default should not be change for backward compatibility with Smartweave contracts, however new contracts should be given the option to use a more secure setting to allow for future-proofing.

rosmcmahon commented 1 year ago

does the same problem exist in the existing webcrypto interface?

i think the whole node-crypto webcrypto duality will eventually be removed in favour of a unified webcrypto interface. ref => https://nodejs.org/dist/latest-v18.x/docs/api/webcrypto.html