commit 9553ad5d8bb130500c68f0216e91ff06f8537214
parent a611b0d1ed737cbc5b9df4e07d5ab9a86f133ee5
Author: Dennis Neufeld <dennis.neufeld@students.bfh.ch>
Date: Tue, 2 Jun 2020 08:31:29 +0000
SCrypt to Argon2
Diffstat:
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/anastasis.rst b/anastasis.rst
@@ -133,10 +133,10 @@ be a social security number together with their full name. Specifics may
depend on the cultural context, in this document we will simply refer to this
information as the **identifier**.
-This identifier will be first hashed with SCrypt, to provide a **kdf_id**
+This identifier will be first hashed with Argon2, to provide a **kdf_id**
which will be used to derive other keys later. The Hash must also include the
respective **server_salt**. This also ensures that the **kdf_id** is different
-on each server. The use of SCrypt and the respective server_salt is intended
+on each server. The use of Argon2 and the respective server_salt is intended
to make it difficult to brute-force **kdf_id** values and help protect user's
privacy. Also this ensures that the kdf_ids on every server differs. However,
we do not assume that the **identifier** or the **kdf_id** cannot be
@@ -147,7 +147,7 @@ likely also be available to other actors.
::
- kdf_id := SCrypt( identifier, server_salt, keysize )
+ kdf_id := Argon2( identifier, server_salt, keysize )
**identifier**: The secret defined from the user beforehand.
