[pass] New approach

Matthieu Weber mweber at free.fr
Thu Jun 5 19:09:25 CEST 2014

On Thu 05.06.2014 at 12:55:06PM -0400, Kevin Cox wrote:
> On 05/06/14 12:28, Santiago Borrazás wrote:
> > 
> > What do you think about storing password with this approach?
> Disclaimer: I am not a cryptographer.

Neither am I.
> If you assume that your hash function is a random oracle and nobody
> knows your "master" password then it should be perfectly secure.

The program uses bcrypt, which has been designed to be very slow to run
and makes brute-force attack (even against dictionaries) impractical
(especiall on GPUs, by design of the algorithm). From this point of
view, bcrypt is much safer for hashing passwords than usual hashing
algorithms (e.g., SHA1) which have been designed to be fast to run
(especially on GPUs).
> However, if an attacker gains access to a single password they can work
> out your master password especially if it is weak.  (They can brute
> force it, so if the entropy is high enough this should be impractical)

If the master password is long enough, it is safe.

 (~._.~)            Matthieu Weber - mweber at free.fr              (~._.~)
  ( ? )                http://weber.fi.eu.org/                    ( ? ) 
 ()- -()          public key id : 0x85CB340EFCD5E0B3             ()- -()
 (_)-(_) "Humor ist, wenn man trotzdem lacht (Otto J. Bierbaum)" (_)-(_)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20140605/18717bca/attachment.asc>

More information about the Password-Store mailing list