V4 #51
Comments
|
I would also recommend as others have suggested to move the signatures to |
|
The Argon2 library has come to GitHub and is under active development. As such it's a bit fluid at the moment, but should have links to various builds for use in JS, Node, Go, Python, and hopefully I'll have a version for C#. |
|
I think a version 1.3 release of Argon2 is soon forthcoming |
|
@veorq Presented at a recent conference on Argon2, the release is stable now and starting to see use in the wild. https://bsideslv2016.sched.org/event/7YOA/whats-up-argon2-the-password-hashing-winner-a-year-later |
|
Is there still a planned release for V4? |
|
I finally got around to porting the Argon2 library to a .NET friendly C++ version. You can find it here: I would, at this point, also suggest replacing XSalsa20 with either ChaCha20, or NORX64-6-2 (if it survives the CAESAR stream cipher competition, currently underway). ChaCha20 is an evolution of Salsa with better bit diffusion. NORX uses a similar scrambling technique to ChaCha and a sponge construction akin to Keccak. NORX replaces all the addition operations with an XOR-Shift approximate equivalent (the name NORX comes from Not-Addition Rotation XOR). It also has optional Header/Footer inputs for chaining or adding other strings. |
|
Version 4 as published (with the only change being the removal of TwoFish) has been implemented in my port for C#, so I'm going to recommend closing this issue. The discussion of what should replace TwoFish (if anything) and SCRYPT (such as Argon2) for V5 should be a separate thread/issue. |
|
The final CAESAR portfolio has been announced: https://competitions.cr.yp.to/caesar-submissions.html |
As per Dustin's recommendations, consider Argon2 rather than scrypt, and also newly FIPS-certified SHA3 final rather than our Keccak precursor.
The text was updated successfully, but these errors were encountered: