[Cryptography] NIST SP 800-63-3

Michael Kjörling michael at kjorling.se
Mon Aug 14 12:51:43 EDT 2017


On 12 Aug 2017 21:18 +0100, from mattpalms at gmail.com (Matt Palmer):
> Once we have an encryption key stored in an HSM, the offline cracking
> threat goes away unless the attacker can also physically steal the HSM.

Besides the points already raised in relation to this; while some
entities may be able to afford a HSM and surrounding hardware and
infrastructure, how many "hobby" or even "subject matter enthusiast"
sites will?

Memory-hard salted hashes can be implemented relatively easily purely
in software running on top of virtualized platforms running on top of
commodity hardware, while still getting most of the security benefits.
I don't think HSMs have that property.

So a secret stored in a HSM _might_ be reasonable for the US
government, but memory-hard salted hashes can help all the rest of us.

And of course, nothing in 800-63 _prevents_ you from storing the
secret in a HSM if you want to, does it...?

-- 
Michael Kjörling • https://michael.kjorling.se • michael at kjorling.se
                 “People who think they know everything really annoy
                 those of us who know we don’t.” (Bjarne Stroustrup)
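
Added example (not part of the original message): a software-only memory-hard salted hash using scrypt from Python's standard library, with an optional HMAC layer whose key stands in for a secret that could be kept in an HSM. The cost parameters, the function names and the `pepper` argument are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

# Assumed scrypt cost parameters: 128 * N * R bytes = 16 MiB of memory per guess.
N, R, P, DKLEN = 2**14, 8, 1, 32
MAXMEM = 64 * 1024 * 1024  # upper bound handed to OpenSSL, above the 16 MiB needed


def derive(password, salt, pepper=None):
    """Memory-hard hash of the password, optionally wrapped in a keyed HMAC."""
    digest = hashlib.scrypt(password.encode("utf-8"), salt=salt,
                            n=N, r=R, p=P, maxmem=MAXMEM, dklen=DKLEN)
    if pepper is not None:
        # Optional keyed layer. `pepper` is plain bytes here; it stands in for
        # a key held outside the password database (for example in an HSM).
        digest = hmac.new(pepper, digest, hashlib.sha256).digest()
    return digest


def hash_password(password, pepper=None):
    """Create a storable record with a fresh random per-user salt."""
    salt = os.urandom(16)
    return {"salt": salt, "hash": derive(password, salt, pepper)}


def verify_password(password, record, pepper=None):
    """Recompute the hash from the stored salt and compare in constant time."""
    candidate = derive(password, record["salt"], pepper)
    return hmac.compare_digest(candidate, record["hash"])


if __name__ == "__main__":
    # Constructed sample values, not taken from any real system.
    rec = hash_password("correct horse battery staple")
    print(verify_password("correct horse battery staple", rec))  # True
    print(verify_password("Tr0ub4dor&3", rec))                   # False
```

Without the pepper, an attacker holding the stolen records pays the scrypt memory cost for every guess; with it, offline guessing additionally requires the separately stored key.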

