0

Recently I've decided to publish a simple app that I am using for maintaining and storing sensible encrypted data on the cloud.

https://www.microsoft.com/store/apps/9NSGBQSJ2HD6

The hashing is done with Argon2id v1.3 (https://libsodium.gitbook.io/doc/password_hashing/default_phf). I think I'm using a reasonable and secure choice of parameters in terms of memory cost and parallelization if we consider that the app is a desktop client application. Therefore, the entire burden of the operation is client-side and it's unlikely that a user will be hashing more than a value at a time.

Nonetheless, I would like to provide some sort of "security metrics" to the users of the app in terms of performance/costs, to explain how much likely would be for somebody else to try cracking their archives. My problem is that I cannot find anything related to Argon2id.

Is there a source or a way to show some rough estimations for Argon2id?

Maarten Bodewes
  • 92,551
  • 13
  • 161
  • 313
Francesco Milani
  • 101
  • 1
  • I've removed a lot of information that was not of importance to your question, please try and keep questions concise. – Maarten Bodewes Apr 18 '20 at 19:53
  • What estimations you mean? Estimations of what? You can measure time used and display it. – mentallurg Apr 18 '20 at 22:04
  • @mentallurg look at this question. In the answer: "Let's say you can do 10^14 decryptions per second..." What I was hoping to find, it's some lab benchmarks, about Argon2id, made with different hardware and power calculation, so that I can state something similar to that said question. – Francesco Milani Apr 18 '20 at 23:25

0 Answers0