On Nov 28, 2009, at 3:07 PM, M.B.Jr. wrote:
Hi,
On Sat, Nov 28, 2009 at 1:47 PM, David Shaw <ds...@jabberwocky.com>
wrote:
The question is: what does GnuPG or OpenSSH do to slow down
password brute-force? I mean does the password derivation function
use
some iterations? If so how many? Can I configure them? I guess so
but
I couldn't find any data on the net on a quick search. (Any
references
are appreciated.)
GnuPG (really OpenPGP) does iterated password hashing. See section
3.7.13
"Iterated and Salted S2K" of RFC-4880 for the fine details, but the
gist is
as you surmised - the passphrase is run through many hash
iterations. This
slows down passphrase guessers as they must also repeat the hashing
part the
same number of times. By default, GnuPG uses 65536 iterations of the
pasphrase hash, but can be configured via the --s2k-count option to
be as
high as 65011712 iterations.
Considering a password/passphrase, which has -- by default, its
65536th hash iteration result, locally stored for comparison.
If I adjust (via --s2k-count) my GnuPG's iterations number, will it
generate and store a new sum value for my actual passphase? Or for
this passphrase specifically, it will continue working with the number
of iterations used by the time the passphrase was created?
The s2k-count is only used when creating the passphrase for the first
time (and that applies to both creating a new secret key as well as
encrypting something with a passphrase via --symmetric). If you want
to change the s2k-count of an existing secret key, you need to set the
new s2k-count and then change the passphrase. You can "change" it to
the same passphrase if you like - it's the creation of a new
passphrase-to-key that picks up the new s2k-count.
David
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
