[Cryptech-Commits] [sw/libhal] 01/02: Dial back the last-gasp iterations to something sane.

git at cryptech.is git at cryptech.is
Sun Jun 26 05:14:14 UTC 2016

Previous message (by thread): [Cryptech-Commits] [sw/libhal] branch master updated (2cd3b6f -> a161595)
Next message (by thread): [Cryptech-Commits] [sw/libhal] 02/02: Add hal_set_pin_default_iterations so the CLI can use hal_rpc_set_pin with control over iterations.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This is an automated email from the git hooks/post-receive script.

paul at psgd.org pushed a commit to branch master
in repository sw/libhal.

commit 0cd8850c6158ca5d263c21b52b8906c974b3cfcc
Author: Paul Selkirk <paul at psgd.org>
AuthorDate: Sat Jun 25 23:13:30 2016 -0400

    Dial back the last-gasp iterations to something sane.
    
    I can't see protecting the well-known default password against a
    brute-force attack, and 100k iterations takes almost a minute, which
    makes a terrible first impression.
---
 last_gasp_pin_internal.h    | 6 +++---
 utils/last_gasp_default_pin | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/last_gasp_pin_internal.h b/last_gasp_pin_internal.h
index 96dc879..bbcac76 100644
--- a/last_gasp_pin_internal.h
+++ b/last_gasp_pin_internal.h
@@ -3,7 +3,7 @@
  */
 
 static const hal_ks_pin_t hal_last_gasp_pin = {
-  100000,
-  {0xb8, 0x47, 0xcb, 0x83, 0xdd, 0x93, 0xf7, 0xd7, 0x53, 0x3f, 0xcb, 0xae, 0xc2, 0x19, 0xcd, 0xb9, 0x4e, 0x9d, 0x4e, 0x71, 0x30, 0xcd, 0x01, 0x05, 0x87, 0x6d, 0xa7, 0x03, 0x8d, 0x46, 0x36, 0xf1, 0xcf, 0x55, 0x1f, 0x36, 0x22, 0x9d, 0xc3, 0x18, 0xcd, 0x43, 0x49, 0x14, 0x0b, 0x79, 0x85, 0xf9, 0xd0, 0xa5, 0xb0, 0x9f, 0x43, 0x95, 0xf8, 0xae, 0x01, 0xa0, 0x82, 0xaf, 0xc6, 0xf2, 0x8f, 0xf4},
-  {0x37, 0x6e, 0x15, 0x14, 0x5a, 0xd4, 0x35, 0xaf, 0x1c, 0x81, 0xc2, 0x80, 0x97, 0x18, 0x8d, 0x81}
+  10000,
+  {0x06, 0xe2, 0x10, 0x7b, 0xb8, 0x40, 0xb5, 0x90, 0x33, 0xc8, 0xdb, 0xcc, 0xde, 0x3e, 0xb0, 0x33, 0x2b, 0x7c, 0x60, 0x7c, 0xb4, 0x52, 0xb1, 0x43, 0xa2, 0x20, 0x71, 0xdd, 0xbc, 0x95, 0x92, 0x04, 0xe6, 0x51, 0x90, 0xda, 0x6e, 0x2b, 0x6d, 0x8c, 0xb8, 0x63, 0x8d, 0x59, 0xad, 0xc5, 0xae, 0x6c, 0xf5, 0x7c, 0x75, 0x5e, 0x38, 0x72, 0x06, 0xc5, 0xa9, 0x3b, 0xaa, 0xe9, 0x64, 0x6e, 0xb1, 0x1a},
+  {0x40, 0x49, 0xe4, 0xb6, 0x18, 0x0e, 0xe2, 0xbf, 0x3b, 0x22, 0xc8, 0xfe, 0xeb, 0xef, 0x09, 0x81}
 };
diff --git a/utils/last_gasp_default_pin b/utils/last_gasp_default_pin
index 2d09db1..50d822f 100755
--- a/utils/last_gasp_default_pin
+++ b/utils/last_gasp_default_pin
@@ -54,7 +54,7 @@ parser.add_argument("-p", "--pin",
                     help    = "PIN plaintext before PBKDF2 processing")
 parser.add_argument("-i", "--iterations",
                     type    = int,
-                    default = 100000,
+                    default = 10000,
                     help    = "PBKDF2 iteration count")
 parser.add_argument("-d", "--derived-key-length",
                     type    = int,

Previous message (by thread): [Cryptech-Commits] [sw/libhal] branch master updated (2cd3b6f -> a161595)
Next message (by thread): [Cryptech-Commits] [sw/libhal] 02/02: Add hal_set_pin_default_iterations so the CLI can use hal_rpc_set_pin with control over iterations.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Commits mailing list