Closed Evrey closed 6 years ago
That attack paper's been around for a while, but the default time cost in https://github.com/p-h-c/phc-winner-argon2 is still set to 3. Would you mind raising this on their issue tracker too? I think they could offer some perspective on the legitimacy of this attack.
Thanks!
According to https://github.com/P-H-C/phc-winner-argon2/issues/182, this can be closed?
Seems like it.
Amusing that Wikipedia linked to these issues mentioning "Argon2 engineers do not recommend that user implementations of Argon2 adjust the number of passes to be 10 or more."
Alright, let's close this.
Also documents the change and adds a reference to the attack paper.
Would it be reasonable to also make
Argon2::new
fail with too few passes? While it would help enforcing better Argon2 configurations out in the wild, this would be a breaking change. Even a test breaking change for the already broken existing*_kat
tests.