|
|
|
|
|
|
by wahern
2407 days ago
|
|
|
That's great, but that's not how you approach security engineering. It's like security through obscurity. Operationally it may have value, but you don't premise your security on such an approach. Relying on a cost factor-based KDF is like relying on the grizzled machine engineer in the basement who keeps things humming along with wire and duct tape. Great if it works for you, but it's ridiculous to sit down at a table among engineers discussing design elements and say, "Hey, this is a crappy and fundamentally broken design, but I got guy who might be able to make it work for a little while." Imagine if we "fixed" TLS AES-CBC or similar probabilistic active MITM leaks by simply running the AES-CBC cipher a few thousand additional times over each block, reducing the rate at which an attacker could iteratively reveal the plain text by rate-limiting throughput at the ends. It'd be a ludicrous proposal. Yet that's exactly what cost factor-based KDFs do. |
|
|