kevinlewi
commented
4 days ago Hi @nikgraf, the configurations section caveats these parameter choices with the following statement:
Absent an application-specific profile, the following configurations are RECOMMENDED:
It's difficult for the draft to take a stance on these parameters which would work for all contexts, and a browser environment / WebAssembly with limited memory would definitely constitute as an "application-specific profile" in my mind. So, if I were you, I would go with the "2^16 (64MB) memory, 3 iterations, 4 parallelism" option that the Argon2id RFC recommends.
However, I don't think we will change the existing draft text to accommodate this option, since the text already comes with the caveat mentioned above.
Hope this helps!
I'm the maintainer of https://github.com/serenity-kit/opaque which is a WebAssembly package on top of opaque-ke.
I'm wondering if the recommended configurations for argon2id should be extended or changed.
In a browser environment (Chrome on a MacBook Pro M1 2020, 16GB RAM) running client.finishRegistration and client.finishLogin each run for about ~13 seconds. This is with the recommended configuration of 2GB memory, one iteration and parallelism of 4.
I'm wondering if the recommended configuration should be changed or extended to also include a configuration that makes sense for such a browser environment.
Possible option:
Another option would be one of those: https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#argon2id
Note: We noticed that when using 2^21 memory WebAssembly would error once the function is invoked. It works with (2^21)-1. This could be an implementation detail, but thought it was worth mentioning.
Feedback is very welcome. If it doesn't make sense to change the options I'm wondering what might be good parameters as defaults/presets in our case. Here our WIP PR: https://github.com/serenity-kit/opaque/pull/127