Hacker News
by maqp 1273 days ago
> Uses current state of art algos. Pro: Resistant to access by known methods.

AES-GCM is fine, sure, but the password hashing function PBKDF2-HMAC-SHA1, i.e. what turns the user's weak password into the AES key, is the opposite of state-of-the-art in this case.


Please share this silver bullet pake with the rest of the class?
Argon2-HMAC-SHA512 more like it? Or something else?
Argon2 is built on top of BLAKE2, but the hash function isn't what's making it so effective; it's memory hardness, i.e. it fills the RAM when deriving a key from a password, which makes massively parallel attacks impractical because GPUs/ASICs don't have petabytes of RAM just lying around.
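The contrast the comment draws, as an added example that is not code from the thread or from the product being discussed: PBKDF2-HMAC-SHA1 is a chain of HMAC calls carrying only a few hundred bytes of state, while a memory-hard KDF forces every derivation (and so every attacker core) to hold a configurable amount of RAM. scrypt stands in for Argon2 here because Python's standard library ships scrypt (via OpenSSL) but not Argon2; the memory-hardness idea is the same. `PASSWORD` and `SALT` are constructed sample values, and the memory formula is scrypt's 128 * r * N bytes for the ROMix working vector.

```python
import hashlib
import hmac

# Constructed sample inputs (not from the thread): a weak password and a fixed
# 16-byte salt so every run of this example is reproducible.
PASSWORD = b"correct horse"
SALT = bytes.fromhex("000102030405060708090a0b0c0d0e0f")


def pbkdf2_sha1_key(password: bytes, salt: bytes,
                    iterations: int = 100_000, length: int = 32) -> bytes:
    """PBKDF2-HMAC-SHA1, the KDF the comment criticises.

    The cost per guess is pure compute over a few hundred bytes of state
    (two running SHA-1 contexts plus the current block), which is exactly
    what GPU and ASIC crackers parallelise cheaply.
    """
    return hashlib.pbkdf2_hmac("sha1", password, salt, iterations, dklen=length)


def pbkdf2_sha1_single_block(password: bytes, salt: bytes) -> bytes:
    """The first PBKDF2 block at one iteration is just HMAC(password, salt || INT(1)).

    Spelled out to make concrete that PBKDF2 is nothing more than an HMAC chain;
    the iteration count buys time, never memory.
    """
    return hmac.new(password, salt + b"\x00\x00\x00\x01", hashlib.sha1).digest()


def scrypt_memory_bytes(n: int, r: int) -> int:
    """RAM one scrypt derivation needs for its ROMix stage: 128 * r * N bytes.

    This is the memory-hardness knob. Raising N forces each attacker core to
    hold that much memory for the whole derivation, which is the resource
    GPUs/ASICs do not have in bulk.
    """
    return 128 * r * n


def scrypt_key(password: bytes, salt: bytes, n: int = 2 ** 14, r: int = 8,
               p: int = 1, length: int = 32) -> bytes:
    """Memory-hard derivation; scrypt is used as the stdlib stand-in for Argon2.

    maxmem is set with headroom above the ROMix requirement so OpenSSL does not
    reject the parameters; N=2**14, r=8 needs 16 MiB per derivation.
    """
    return hashlib.scrypt(password, salt=salt, n=n, r=r, p=p,
                          maxmem=2 * scrypt_memory_bytes(n, r), dklen=length)


def verify_password(candidate: bytes, salt: bytes, expected_key: bytes) -> bool:
    """Re-derive with the memory-hard KDF and compare in constant time."""
    return hmac.compare_digest(scrypt_key(candidate, salt), expected_key)


def compare_kdfs(password: bytes, salt: bytes) -> dict:
    """Both keys side by side with the RAM the memory-hard one pins per guess."""
    return {
        "pbkdf2_sha1_key": pbkdf2_sha1_key(password, salt).hex(),
        "scrypt_key": scrypt_key(password, salt).hex(),
        "scrypt_memory_bytes_per_guess": scrypt_memory_bytes(2 ** 14, 8),
    }


if __name__ == "__main__":
    for name, value in compare_kdfs(PASSWORD, SALT).items():
        print(f"{name}: {value}")
```

Both functions take the same password and salt and return a 32-byte AES-sized key; the difference is only in what each guess costs an attacker. With the defaults above an scrypt guess pins 16 MiB for its duration, so a rig that runs a million PBKDF2 guesses in parallel would need on the order of 16 TB of fast RAM to do the same against scrypt, and Argon2 applies the same principle with a different core.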
Cool thank you - thought so, but always good to check :)