On 2015-01-30 10:46 +0900, NIIBE Yutaka wrote: > specification (and with SHA256). It's default s2kcount is 192 as the > MCU is slow enough, but you can configure it at compile time (like > 65535 for host PC, or more).
On 01/30/2015 04:39 AM, NdK wrote: > Uh, I think this exposes a weakness: if the attacker "somehow" accesses > the EEPROM and reads encrypted key material, a low s2k count means he > can recover plain key material quite faster than with more iterations. You know (unconsciously, perhaps) and wrote "EEPROM", while it's Flash ROM for Gnuk on FST-01. 192 is low. That's somehow intentional artifact by me, so that people can catch it to consider. In our culture, it's not deliberately mean, but a kind of communication tool. Should we have configure time option for that, so that a person won't need to edit manually? Let's discuss on the gnuk-users mailing list. For the data on some EEPROM, weaker key derivation function is on active service, or even there is no key derivation function, I believe. -- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
