Talking about Cryptodevices... which one?
NIIBE Yutaka
gniibe at fsij.org
Fri Jan 30 01:26:13 CET 2015
On 2015-01-30 10:46 +0900, NIIBE Yutaka wrote:
> specification (and with SHA256). It's default s2kcount is 192 as the
> MCU is slow enough, but you can configure it at compile time (like
> 65535 for host PC, or more).
On 01/30/2015 04:39 AM, NdK wrote:
> Uh, I think this exposes a weakness: if the attacker "somehow" accesses
> the EEPROM and reads encrypted key material, a low s2k count means he
> can recover plain key material quite faster than with more iterations.
You know (unconsciously, perhaps) and wrote "EEPROM", while it's Flash
ROM for Gnuk on FST-01.
192 is low. That's somehow intentional artifact by me, so that people
can catch it to consider. In our culture, it's not deliberately mean,
but a kind of communication tool.
Should we have configure time option for that, so that a person won't
need to edit manually? Let's discuss on the gnuk-users mailing list.
For the data on some EEPROM, weaker key derivation function is on
active service, or even there is no key derivation function, I
believe.
--
More information about the Gnupg-users
mailing list