Skip to content
This repository has been archived by the owner on Aug 18, 2024. It is now read-only.

Use HMAC instead of random salt when encrypting #11

Open
krid opened this issue Jan 11, 2010 · 1 comment
Open

Use HMAC instead of random salt when encrypting #11

krid opened this issue Jan 11, 2010 · 1 comment
Labels
Dev Feature Req

Comments

@krid
Copy link
Owner

krid commented Jan 11, 2010

It would be better to use an HMAC as salt during encryption, and then check validity after decryption.

This requires access to a non-js hashing API. Pure-js md5 is 1s for 50K, and SHA-256 is 2.5s, whereas Mojo.Model.encrypt is 25ms for 50K.
@krid
Copy link
Owner Author

krid commented Mar 10, 2010

Hopefully the PDK will make this feasible.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
Dev Feature Req
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@krid