bryant / argon2rs

The pure-Rust password hashing library running on Argon2.
MIT License
174 stars 19 forks

fix(defaults): increase PASSES to a value greater than 10 for security #18

Closed. Evrey closed this issue 6 years ago.

Evrey commented 7 years ago

Also documents the change and adds a reference to the attack paper.

Would it be reasonable to also make Argon2::new fail with too few passes? While it would help enforce better Argon2 configurations out in the wild, this would be a breaking change. Even a test-breaking change for the already-broken existing *_kat tests.

bryant commented 7 years ago

That attack paper's been around for a while, but the default time cost in https://github.com/p-h-c/phc-winner-argon2 is still set to 3. Would you mind raising this on their issue tracker too? I think they could offer some perspective on the legitimacy of this attack.

Thanks!

vks commented 7 years ago

According to https://github.com/P-H-C/phc-winner-argon2/issues/182, this can be closed?

Evrey commented 7 years ago

Seems like it.

nicktimko commented 6 years ago

Amusing that Wikipedia linked to these issues mentioning "Argon2 engineers do not recommend that user implementations of Argon2 adjust the number of passes to be 10 or more."

bryant commented 6 years ago

Alright, let's close this.