Open nithinmanoj10 opened 1 year ago
Password hashing is everywhere, from web services' credentials storage to mobile and desktop authentication or disk encryption systems. Yet there wasn't an established standard to fulfill the needs of modern applications and to best protect against attackers. The Password Hashing Competition (PHC) was introduced to come up with new state of the art password hashing functions to replace legacy ones. From this competition there was one selected winner: Argon2
Argon2 is a password-hashing function that summarizes the state of the art in the design of memory-hard functions and can be used to hash passwords for credential storage, key derivation, or other applications. It has a simple design aimed at the highest memory filling rate and effective use of multiple computing units, while still providing defense against tradeoff attacks (by exploiting the cache and memory organization of the recent processors). It has better password cracking resistance (when configured correctly) than PBKDF2, Bcrypt and Scrypt (for similar configuration parameters for CPU and RAM usage).
The Argon2 function has several variants
Argon2 has the following config parameters
As of now there are no public cryptanalysis conducted on Argon2d, though there were two attacks conducted on Argon2i. The first attack is applicable only to the old version of Argon2i. According to the Argon2 authors, this attack vector was fixed in version 1.3. While the second has been extended to the latest version (1.3), the Argon2 authors claim that this attack is not efficient if Argon2i is used with three or more passes. They further improved the attack and showed that in order for the attack to fail, Argon2i v1.3 needs more than 10 passes over memory.
When configured properly Argon2 is considered a highly secure KDF function, one of the best available in the industry, so you can use it as general purpose password to key derivation algorithm, e.g. to when encrypting wallets, documents, files or app passwords. In the general case Argon2 is recommended over Scrypt, Bcrypt and PBKDF2.
Literature review for the Key-Derivation Function Argon2