authorAleksi Lindeman <dec05eba@protonmail.com>2019-04-07 17:14:12 +0200
committerAleksi Lindeman <dec05eba@protonmail.com>2019-04-07 17:14:12 +0200
commit004cb37fce4621fc8537146d866081c67045bc9b (patch)
treebdc4de0d76d19613791f86273824c71af066a934
parente673a8de53278814a860e9eba03ef776be0a4169 (diff)
Use argon2d instead of argon2i
We want GPU resistance rather than side-channel attack resistance, since the password is hashed locally.
-rw-r--r--README.md5
-rw-r--r--src/DatabaseStorage.cpp2
-rw-r--r--src/PasswordHash.cpp2
3 files changed, 4 insertions, 5 deletions
diff --git a/README.md b/README.md
index fc334e8..dcae648 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,6 @@
# odhtdb
-Decentralized key-value database using OpenDHT for decentralized communication. CRDT is used to replicate data across nodes.
+Decentralized key-value database using sibs-pubsub for decentralized communication. CRDT is used to replicate data across nodes.
+It is designed to use less bandwidth over speed.
## End-to-end encryption
Data is signed using ed25519, encrypted using xchacha20-poly1305 ietf and hashed using Blake2b.
See src/Encryption.cpp, src/Signature.cpp and src/Hash.cpp.
@@ -34,8 +35,6 @@ This database is used for chat application, and in chat applications you may wan
Functionality for an invite link that is only available for a certain amount of time can be added by generating an invite packet as an admin user with timestamp
and the user that should be added can be excluded from the signed packet, allowing any user to be added to channel while the invite link is valid.
The invite link could be converted to hex string to make it shareable and also generate QR-code using it to make it easy to join with mobile device.
-## UDT
-Combine opendht with udt. Use opendht to find other peers and udt for communication.
## New node download
Use a merkle tree and when requesting new nodes when connecting, send X latest hashes and other peers can send you where you have missing data and send you it.
If all X hashes are wrong, send older hashes.
diff --git a/src/DatabaseStorage.cpp b/src/DatabaseStorage.cpp
index 5b9fb04..4e2da50 100644
--- a/src/DatabaseStorage.cpp
+++ b/src/DatabaseStorage.cpp
@@ -26,7 +26,7 @@ namespace odhtdb
};
const u64 QUARANTINE_STORAGE_TIME_MICROSECONDS = 60 * 1.0e6;
- const u16 STORAGE_VERSION = 4;
+ const u16 STORAGE_VERSION = 5;
static void sqlite_exec_checked(sqlite3 *db, const char *sql)
{
diff --git a/src/PasswordHash.cpp b/src/PasswordHash.cpp
index f877d20..b757583 100644
--- a/src/PasswordHash.cpp
+++ b/src/PasswordHash.cpp
@@ -14,7 +14,7 @@ namespace odhtdb
result.data = new uint8_t[HASH_PASSWORD_LENGTH];
result.size = HASH_PASSWORD_LENGTH;
- if(argon2i_hash_raw(tCost, mCost, parallelism, plainPassword.data, plainPassword.size, salt.data, salt.size, result.data, HASH_PASSWORD_LENGTH) != ARGON2_OK)
+ if(argon2d_hash_raw(tCost, mCost, parallelism, plainPassword.data, plainPassword.size, salt.data, salt.size, result.data, HASH_PASSWORD_LENGTH) != ARGON2_OK)
throw std::runtime_error("Failed to hash password");
return result;
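Review bot: The switch to `argon2d_hash_raw` gives up all side-channel resistance, whereas Argon2id (`argon2id_hash_raw`, which takes the same argument list in libargon2) keeps most of Argon2d's resistance to GPU and time-memory trade-off cracking while making the first pass data-independent, and it is the variant RFC 9106 recommends by default. If Argon2d is kept on purpose, the reasoning belongs next to the call rather than only in the commit message, e.g. `// argon2d: password is hashed locally only, so GPU-cracking resistance is preferred over side-channel resistance`. Separately, `result.data` is allocated with `new uint8_t[HASH_PASSWORD_LENGTH]` just above and the `throw` on failure appears to leak it unless the result type releases the buffer in a destructor, which is not visible in this hunk. The enclosing function starts and ends outside the hunk, so both points should be checked against the full body.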