exaexa
commented
7 years ago No possibility at the moment. I didn't have time to implement that feature yet.
Patches/pull requests welcome 😉
Closed ghost closed 7 years ago
exaexa
commented
7 years ago No possibility at the moment. I didn't have time to implement that feature yet.
Patches/pull requests welcome 😉
vstoykovbg
commented
7 years ago This is critical feature.
What is the point of using post-quantum cryptography if the private key is not protected? The user would like to encrypt the private key and store it on "cloud" services (because what is the point to keep off-site backup of your data if you don't keep off-site backup of your key).
Also there should be a CPU and memory intensive key stretching when protecting the key with a passphrase.
Which key stretching functions are quantum computer proof?
I am using scrypt with additional sha512: sha512(key+salt+digest_from_heavy_scrypt_cycles).
Here is the proof of concept code: https://github.com/vstoykovbg/slowkdf
Is this key stretching function useful against quantum computers?
exaexa
commented
7 years ago @vstoykovbg any suggestions on parameters for scrypt?
exaexa
commented
7 years ago ...also, is there some good alternative for getpass(3) which is now marked obsolete?
exaexa
commented
7 years ago Work in progress in 578691f45efed9c15bcb6e93001dc01858b56d44 (keyring-passwords branch), @vstoykovbg @deltaspectre could you test it after I finish it for privkeys? (It currently works on symmetric keys, but the rest of the expansion is more or less trivial)
exaexa
commented
7 years ago Completed in 104ee129511d1164d05a06ac5d5ca39edbb20d4c , scheduled for merging to 1.8
I'll close this issue and go through some testing. If you find issues, please report them (as separate bugs).
Mirek, Which symmetric key algorithm ( AES , XSalsa20 ... ) is used to protect the private key generated in Codecrypt , if at all ?