From 004cb37fce4621fc8537146d866081c67045bc9b Mon Sep 17 00:00:00 2001 From: Aleksi Lindeman Date: Sun, 7 Apr 2019 17:14:12 +0200 Subject: Use argon2d instead of argon2i We want gpu-resistance instead of side-channel attack resistance since password is hashed locally. --- README.md | 5 ++--- src/DatabaseStorage.cpp | 2 +- src/PasswordHash.cpp | 2 +- 3 files changed, 4 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index fc334e8..dcae648 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,6 @@ # odhtdb -Decentralized key-value database using OpenDHT for decentralized communication. CRDT is used to replicate data across nodes. +Decentralized key-value database using sibs-pubsub for decentralized communication. CRDT is used to replicate data across nodes. +It is designed to use less bandwidth over speed. ## End-to-end encryption Data is signed using ed25519, encrypted using xchacha20-poly1305 ietf and hashed using Blake2b. See src/Encryption.cpp, src/Signature.cpp and src/Hash.cpp. @@ -34,8 +35,6 @@ This database is used for chat application, and in chat applications you may wan Functionality for an invite link that is only available for a certain amount of time can be added by generating an invite packet as an admin user with timestamp and the user that should be added can be excluded from the signed packet, allowing any user to be added to channel while the invite link is valid. The invite link could be converted to hex string to make it shareable and also generate QR-code using it to make it easy to join with mobile device. -## UDT -Combine opendht with udt. Use opendht to find other peers and udt for communication. ## New node download Use a merkle tree and when requesting new nodes when connecting, send X latest hashes and other peers can send you where you have missing data and send you it. If all X hashes are wrong, send older hashes. diff --git a/src/DatabaseStorage.cpp b/src/DatabaseStorage.cpp index 5b9fb04..4e2da50 100644 
--- a/src/DatabaseStorage.cpp +++ b/src/DatabaseStorage.cpp @@ -26,7 +26,7 @@ namespace odhtdb }; const u64 QUARANTINE_STORAGE_TIME_MICROSECONDS = 60 * 1.0e6; - const u16 STORAGE_VERSION = 4; + const u16 STORAGE_VERSION = 5; static void sqlite_exec_checked(sqlite3 *db, const char *sql) { diff --git a/src/PasswordHash.cpp b/src/PasswordHash.cpp index f877d20..b757583 100644 --- a/src/PasswordHash.cpp +++ b/src/PasswordHash.cpp @@ -14,7 +14,7 @@ namespace odhtdb result.data = new uint8_t[HASH_PASSWORD_LENGTH]; result.size = HASH_PASSWORD_LENGTH; - if(argon2i_hash_raw(tCost, mCost, parallelism, plainPassword.data, plainPassword.size, salt.data, salt.size, result.data, HASH_PASSWORD_LENGTH) != ARGON2_OK) + if(argon2d_hash_raw(tCost, mCost, parallelism, plainPassword.data, plainPassword.size, salt.data, salt.size, result.data, HASH_PASSWORD_LENGTH) != ARGON2_OK) throw std::runtime_error("Failed to hash password"); return result; -- cgit v1.2.3
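Review bot: The new `argon2d_hash_raw(...)` call in src/PasswordHash.cpp uses data-dependent memory addressing, so "the password is hashed locally" becomes a security precondition that is recorded only in the commit message. A comment above the call would keep it visible, for example `// argon2d: data-dependent addressing; acceptable only while hashing runs on the user's own device`. If co-resident processes or shared hosts are ever in scope, `argon2id_hash_raw` takes the same arguments and keeps most of the GPU and time-memory trade-off resistance while making the first half of the first pass data-independent. Switching the variant also changes the output for the same password and salt, so anything protected with the argon2i output needs a migration or re-key path; the `STORAGE_VERSION` bump in src/DatabaseStorage.cpp presumably gates this, but that handling is not visible in these hunks. The enclosing function starts and ends outside the hunk.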