dawuud at riseup.net
Sat Sep 10 02:22:27 UTC 2016
scrypt is a key derivation function... the other is not. why compare them?
they are both good for different things, are they not?
here lemme google that for you
On Fri, Sep 09, 2016 at 08:24:09PM -0400, Jesse V wrote:
> On 09/09/2016 07:28 PM, Flipchan wrote:
> > Hi all, so i spook with a friend of mine yesterday and we where chating
> > about encryption and i told him that i use scrypt for password hashing.
> > He told that hmac was alot better.
> > Does anyone know any Good whitepapers on hmac? Any Good python lib? Does
> > anyone use it ?
> The important thing here is that in this context, both scrypt and HMAC
> receive two values: a password and a salt. This provides a defense
> against rainbow tables if your database is compromised. It also avoid
> leaking whether two users have the same password. The idea is to store
> the username, salt, and hashed password in the database.
> Scrypt is useful because it's memory-hard, which means that it better
> resists hardware attacks since the scrypt operation requires precious
> RAM. HMAC is useful because it isn't safe to compute SHA2(salt +
> password) due to the Length Extension Attack against MD5, SHA1, and
> SHA2, but this doesn't necessarily apply in this context. When you say
> "HMAC", I assume that your friend means HMAC_SHA256.
> HMAC_SHA256 is very common for storing passwords and there are many
> papers, libraries, and other resources on it. I would start with the
> Wikipedia article on HMAC and go from there. If you really want to dig
> into the topic, look into Argon2.
> Jesse V
> tor-dev mailing list
> tor-dev at lists.torproject.org
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 801 bytes
Desc: not available
More information about the tor-dev