AW: [Issue 4145] Master passphrase and encrypted credentials cache
From: Markus Schaber <m.schaber_at_3s-software.com>
Date: Tue, 27 Mar 2012 16:23:01 +0000
Von: Greg Stein [mailto:gstein_at_gmail.com]
> There ya go. I knew we could tease out a solution. That sounds good to me.
I know I'm supposed to shut up, but AFAICS, this design does not prevent the offline dictionary attacks mentioned by Greg Hudson.
It is solving the "known plaintext" problem of the simpler implementation, though.
-- ___________________________ We software Automation. 3S-Smart Software Solutions GmbH Markus Schaber | Developer Memminger Str. 151 | 87439 Kempten | Germany | Tel. +49-831-54031-0 | Fax +49-831-54031-50 Email: firstname.lastname@example.org | Web: http://www.3s-software.com CoDeSys internet forum: http://forum.3s-software.com Download CoDeSys sample projects: http://www.3s-software.com/index.shtml?sample_projects Managing Directors: Dipl.Inf. Dieter Hess, Dipl.Inf. Manfred Werner | Trade register: Kempten HRB 6186 | Tax ID No.: DE 167014915Received on 2012-03-27 18:23:51 CEST
This is an archived mail posted to the Subversion Dev mailing list.