|
|
|
|
|
|
by StavrosK
4154 days ago
|
|
|
Isn't that the standard? We always time the iterations for a specific time delay on the specific device and use that, and that's what, for example, LastPass (IIRC) does. That still does nothing for the fact that a GPU will be thousands of times faster than a mobile. |
|
|
SQLCipher uses PBKDF2 as a standard mechanism to compute a key, however by default it uses a static iteration length, currently 64,000.
The problem is often that the device spread varies greatly and often a given application will target more than one device. You can watch our presentation covering the details here:
https://www.youtube.com/watch?v=b8TNHZ7fWzg&list=PLdIqs92nsI...