Add implementation of the Argon2 password hash.
This is going to be used in the new version of the PPK file format. It was the winner of the Password Hashing Context, which I think makes it a reasonable choice. Argon2 comes in three flavours: one with no data dependency in its memory addressing, one with _deliberate_ data dependency (intended to serialise computation, to hinder parallel brute-forcing), and a hybrid form that starts off data-independent and then switches over to the dependent version once the sensitive input data has been adequately mixed around. I test all three in the test suite; the side-channel tester can only expect Argon2i to pass; and, following the spec's recommendation, I'll be using Argon2id for the actual key file encryption.
Showing
- Recipe 1 addition, 1 deletionRecipe
- ssh.h 12 additions, 0 deletionsssh.h
- sshargon2.c 582 additions, 0 deletionssshargon2.c
- test/cryptsuite.py 211 additions, 0 deletionstest/cryptsuite.py
- test/testcrypt.py 2 additions, 1 deletiontest/testcrypt.py
- testcrypt.c 37 additions, 0 deletionstestcrypt.c
- testcrypt.h 6 additions, 0 deletionstestcrypt.h
- testsc.c 31 additions, 0 deletionstestsc.c
Loading
Please register or sign in to comment