rfc:argon2_password_hash

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
rfc:argon2_password_hash [2016/08/18 15:51] charlesportwoodiirfc:argon2_password_hash [2018/03/01 23:27] (current) – RFC was implemented in PHP 7.2 carusogabriel
Line 1: Line 1:
 ====== PHP RFC: Argon2 Password Hash ====== ====== PHP RFC: Argon2 Password Hash ======
-  * Version: 0.7+  * Version: 0.8
   * Date: 2016-07-10   * Date: 2016-07-10
   * Author: Charles R. Portwood II <charlesportwoodii@erianna.com>   * Author: Charles R. Portwood II <charlesportwoodii@erianna.com>
-  * Status: Under Discussion+  * Status: Implemented (in PHP 7.2)
   * First Published at: http://wiki.php.net/rfc/argon2_password_hash   * First Published at: http://wiki.php.net/rfc/argon2_password_hash
  
Line 13: Line 13:
   - And a parallelism factor, which defines the number of parallel threads   - And a parallelism factor, which defines the number of parallel threads
  
-Argon2 comes in two distinct flavors, Argon2i and Argon2d. Argon2i which is optimized for password hashing and password based key derivation. Argon2 is faster and uses data-dependent memory access, making it highly resistant against GPU cracking attacks and suitable for applications with no threats from side-channel timing attacks (such as cryptocurrencies).+Argon2 comes in two distinct flavors, Argon2i and Argon2d. Argon2i which is optimized for password hashing and password based key derivation. Argon2d is faster and uses data-dependent memory access, making it highly resistant against GPU cracking attacks and suitable for applications with no threats from side-channel timing attacks (such as cryptocurrencies).
  
 ===== Proposal ===== ===== Proposal =====
Line 119: Line 119:
 None. None.
  
-===== Open Issues =====+===== Discussion Issues =====
  
-==== Cost factors ====+All issues in this section have been resolved. The primary discussion points and resolutions are outlined. 
 + 
 +==== [Resolved] Cost factors ====
  
 This library initially proposed higher cost factors, but now proposes the following cost factors: This library initially proposed higher cost factors, but now proposes the following cost factors:
Line 183: Line 185:
 Voting will be open for 2 weeks. Voting will be open for 2 weeks.
  
-<doodle title="argon2_password_hash_revote" auth="charlesportwoodii" voteType="single" closed="false">+<doodle title="argon2_password_hash_revote" auth="charlesportwoodii" voteType="single" closed="true">
    * Yes    * Yes
    * No    * No
Line 193: Line 195:
  
 ===== Implementation ===== ===== Implementation =====
-After the project is implemented, this section should contain  +  - Merged in 7.2 
-  - the version(s) it was merged to +  - Commit: https://github.com/php/php-src/commit/35a74b9e4a9b5812c0e3a5524e28ff7dec50f1dc
-  a link to the git commit(s)+
   - a link to the PHP manual entry for the feature   - a link to the PHP manual entry for the feature
  
Line 218: Line 219:
   - 2016-08-01: 0.6 Removing Argon2 from password_*, changing configure flag to --with-password-argon2 for clarity of scope   - 2016-08-01: 0.6 Removing Argon2 from password_*, changing configure flag to --with-password-argon2 for clarity of scope
   - 2016-08-18: 0.7 Adding clarity on new cost factors   - 2016-08-18: 0.7 Adding clarity on new cost factors
 +  - 2016-08-24: 0.8 Voting re-opened 
 +  - 2016-09-08: 0.8 RFC accepted, voting closed
rfc/argon2_password_hash.txt · Last modified: 2018/03/01 23:27 by carusogabriel

Page Tools