Comments (3)
Wonderful information, thank you for taking the time to write this up, great job.
Going to take me some time for my old brain to marinate on this, but going to study every word in class next week,
from staticrypt.
More profiling on the time it takes to compute PBKDF2 on my laptop with a decent CPU (Ryzen 7 4750U).
Using Crypto-JS on the decrypt page and averaging two runs for each (for backward compatibility reason, we still do 1k iterations based on SHA1 then Xk iterations based on SHA256):
- 1k + 14k: 323ms (88ms + 235ms)
- 1k + 20k: 399ms (85ms + 314ms)
- 1k + 50k: 859ms (90ms + 769ms)
- 1k + 100k: 1.51s (86ms + 1.42s)
Testing with WebCrypto on Bitwarden help page (which is actually doing more than just computing PBKDF2):
- 100k: 40ms
- 200k: 74ms
- 600k: 160ms
- 1M: 230ms
So WebCrypto is indeed much faster. I think it'd be good for the encrypted page to be accessible even on low end machines. Bitwarden places the bar at 600k or 160ms on my computer. That would be just a few thousands iterations with Crypto-JS - I think we can stretch things a bit and go to 15k total. That would be ~320ms on my laptop, if we assume a low end one would be 4 times slower that's 1.2s to decrypt. Not great, but not inaccessible, plus if you use the "Remember-me" feature you only need to compute it once. And it still adds an order of magnitude to the brute-forcing difficulty, roughly equivalent to adding a random digit to the password.
This trade-off is made more acceptable by the next step: moving to WebCrypto asap. This will allow to raise PBKDF2 to 600k iterations. Thanks to the way the cryptoEngine
is abstracted and PR #139, it will be possible to push WebCrypto to 2.x as an optional parameter - once done, we can display a warning like WARNING: if you're opening the file on HTTPS or as a local file, we recommend you use the more secure '-e|--engine webcrypto' option. This will become the default in the next major release.
to nudge people towards it.
So my current plan is to:
- increase iteration count to 15k using crypto-js
- add the option to switch to WebCrypto with 600k iterations
- make WebCrypto the default in the next major release (breaking change for people accessing the file on http)
from staticrypt.
I've just released 1.4.3 increasing v1 iteration count to 15k - with this, all proposed changes outlined here should be complete.
I'm now closing that issue. Thank you for reading or participating in the reflection!
from staticrypt.
Related Issues (20)
- Remove as much of the code from password_template to allow non-breaking updates
- Make webcrypto engine the only available
- Add confirmation prompt when using a weak password
- Cannot destructure property 'subtle' of 'crypto' as it is undefined. HOT 11
- Missing Package in Latest Release 3.1.0 HOT 2
- Error: Cannot find module 'node:crypto' HOT 3
- Feature: Support usernames, with database HOT 6
- Nothing is happening when clicking "decrypt" on encrypted pages HOT 2
- The `--remember false` option does not work HOT 1
- Page not protected until reload HOT 7
- Question - Is it possible to still use CryptoJS? HOT 4
- setup doesn't work reliably & no CSS HOT 5
- Did not generate encrypted content with "--share" HOT 1
- Auto remember me from shareable link HOT 6
- Please update the home page interface to be compatible with mobile browsers HOT 2
- Encrypt directories recursively but only HTML files HOT 2
- Encrypt page but with no password prompt box HOT 2
- Where have i gone wrong? HOT 2
- Browser Back Navigation Does Not Work HOT 6
- crypto.subtle missing on Safari iOS 17.3.1 HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from staticrypt.