Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 6 Aug 2012 23:59:40 +0400
From: Solar Designer <>
Subject: Re: 1Password blog post about Dhiru's new/forthcoming 1Password module


On Sun, Aug 05, 2012 at 12:26:23AM -0400, Jeffrey Goldberg wrote:
> The Elcomsoft report was discussing 1Password for iOS, which uses a different format than the desktop.  The desktop has used PBKDF2 since 2008. We added PBKDF2 to the iOS app after the Elcomsoft report came out. (Our excuse for not doing it sooner is that we still support devices running iOS 3, which doesn't offer PBKDF2 in the Apple SDK. So after Elcomsoft report we ripped an implementation from OpenSSL to get this to work on older iPhones.)

Thanks for the clarification.

Have you considered moving both products from PBKDF2 to scrypt?  Yours
could be the very first password manager to use scrypt.  And it'd make
things tough for us, yet would provide a better reason for us to add
support for scrypt into JtR - which would also provide some data on how
well scrypt works in practice, whether and to what extent attacks scale
beyond one CPU core (my gut feeling is that a speedup of roughly 2x
might be achieved on typical machines due to having multiple RAM
accesses in progress at a time).

> I'll have to dig into various changes to see when the derived AES key is 128 or 256 bits. The answer may lie with when the agilekeychain was created (or had a password change).

OK.  We'd appreciate this info.

Is it 128 vs. 256, or do you also support 192-bit keys?

Meanwhile, your blog post has spurred these threads on reddit:

Thanks again,


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.