IDKey vs ID - Githubissues

alexedwards / argon2id

Argon2id password hashing and verification for Go

MIT License

452 stars 44 forks source link

IDKey vs ID #4

Closed sylvain101010 closed 4 years ago

sylvain101010 commented 4 years ago

Hi, first of all thank you for your work! It's great!

I can't find why you use argon2.IDKey instead of argon2.Key. Can you explain me the differences?

alexedwards commented 4 years ago

The Argon2 algorithm has 3 variants which work slightly differently: Argon2d, Argon2i and Argon2id.

In general, for password hashes that are stored in a databse you should use the Argon2id variant. This is essentially a hybrid of the Argon2d and Argon2i algorithms and uses a combination of data-independent memory access (for resistance against side-channel timing attacks) and data-depending memory access (for resistance against GPU cracking attacks).

sylvain101010 commented 4 years ago

Ho ok thank you very much! I totally missed the introduction godoc explaining this.

Thank you!