Toot

Written by CyberFrog on 2024-10-21 at 13:40

So I have a question for #cryptography fedi, since I have been re-reading details about the argon2i attacks and recent advancements in balloon hashing (and other memory hard algos)...

After looking into this for the last couple of days, is it reasonable to have come to the conclusion that even though argon2id is likely flawed in some ways (and significantly still has not been formally reviewed), it still ends up being the most secure choice compared to other things like scrypt and PBKDF2, no?

I feel like KDFs are having a really hard time lately; all the theoretically great ones are facing either side-channel attacks or reductions to the memory hardness. I read a paper proving an attack against scrypt from USENIX 2023 as well, smh

So I guess even though argon2id isn't great, with the proper tuning parameters it still ends up being more secure than the other options?

https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html

