connect2id / Nimbus-SRP / issues / #2 - Investigate client-side KDF — Bitbucket

Issue #2 resolved

Vladimir Dzhuvinov created an issue 2013-10-04

See suggestion in http://throwingfire.com/secure-remote-password-isnt-bad/

Comments (5)

Vladimir Dzhuvinov reporter
- changed status to open
Added experimental PBKDF support in commit 4e2e879f4ccdcc7c51c8a1395d5f52eb773106db.
- 2014-06-20T14:09:22+00:00
Vladimir Dzhuvinov reporter
PBKDF2 tests fail about 50% of the time???
- 2014-06-20T14:09:59+00:00
simon
- marked as minor
- 2017-03-14T13:48:49+00:00
simon
Folks are free to use whatever key stretching algorithm before they pass the password into SRP. This will the force the attacker to run the same algorithm. As folks can freely “compose” key stretching without us having to change nimbus I will close this old issue.
- 2019-10-27T19:46:18+00:00
simon
- changed status to resolved
won't fix.
- 2019-10-27T19:46:32+00:00
Log in to comment

Assignee: –

Type: task

Priority: minor

Status: resolved

Votes: 0

Watchers: 1

Jira: the preferred issue tracker for Bitbucket. Join the team!