Return to Add_Argon2_password_hashing.mdwn CVS log

Up to [NetBSD Developer Wiki] / wikisrc / projects / project

Annotation of wikisrc/projects/project/Add_Argon2_password_hashing.mdwn, revision 1.4

1.1       wiki        1: [[!template id=project
                      2: 
                      3: title="Add Argon2 password hashing"
                      4: 
                      5: contact="""
                      6: [tech-userlevel](mailto:tech-userlevel@NetBSD.org),
                      7: [tech-crypto](mailto:tech-crypto@NetBSD.org)
                      8: """
                      9: 
                     10: mentors="""
                     11: [Martin Husemann](mailto:martin@NetBSD.org),
                     12: [Alistair G. Crooks](mailto:agc@NetBSD.org)
                     13: """
                     14: 
                     15: category="userland"
                     16: difficulty="medium"
                     17: duration="3 months"
1.4     ! maya       18: done_by="Jason High"
1.1       wiki       19: 
                     20: description="""
1.2       sevan      21: We are currently offering to store local users passwords (in `/etc/master.passwd`) using various encodings, including MD5, SHA1 and blowfish.
1.1       wiki       22: None of this is state of the art from a modern cryptography point of view.
                     23: 
1.3       sevan      24: The goal of this project is to extend the existing mechanism (see [[!template id=man name="passwd.conf" section="5"]] by a modern algorithm, the winner
1.1       wiki       25: of the [password hashing competition](http://www.password-hashing.net/), Argon2.
                     26: 
                     27: This means integrating the Argon2 reference implementation into the NetbSD source tree and library build,
                     28: in a general form allowing its use for other purposes as well (as a hmac-style keyed hash function).
                     29: Of course it has to build on all architectures. An optional step to be done later in the project is to use
                     30: native crypto instructions on various architectures to enhance performance.
                     31: 
                     32: After making this function available, the main step is to enhance the passwd configuration functions,
1.3       sevan      33: [[!template id=man name="pwhash" section="1"]], [[!template id=man name="passwd" section="1"]], [[!template id=man name="passwd" section="5"]] and everything around that where necessary to allow storing local users
1.1       wiki       34: passwords in the new format.
                     35: """
                     36: ]]
                     37: 
                     38: [[!tag gsoc]]