This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/db-wg@ripe.net/
[db-wg] NWIs update
- Previous message (by thread): [db-wg] NWIs update
- Next message (by thread): [db-wg] NWIs update
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Nick Hilliard
nick at foobar.org
Wed Apr 10 10:40:05 CEST 2019
Gert Doering wrote on 10/04/2019 09:22: > Well, it wasn't clear if "store unencrypted" referred to the client or > server side. On the server side, yes, please store one-way hashed in > a secure fashion. How though? Again, thinking out loud, it's easy enough if you implement using an unsalted hash except that's not considered to be secure. If you hash with salt, then you need to hash the incoming API key against all salt values stored from the DB because the only way you can figure out which API key is being used is to do a linear comparison against all API key hashes. This implies an authentication comparison load of O(n), where n is the number of API keys in the DB, so that's unlikely to scale well. Nick
- Previous message (by thread): [db-wg] NWIs update
- Next message (by thread): [db-wg] NWIs update
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]