Re: Memory Hard Key Derivation Functions in the Web Crypto API

Hello Jan,

> I am going to comment on the Web Crypto API. My understanding is that
> this is the right place to do that, since the working group disbanded.
> If that is not the case, I am sorry and curious where I should head
> instead. I searched both the archives of the old mailing list as well
> as this one for previous discussions on the topic but couldn't find
> any.
> I am writing because several projects we have reviewed used PBKDF2
> from the Web Crypto API to derive key material from a password.

I stumbled upon your message, and not seeing any response in the
archive, here is my input:
* discussions on the Web Crypto API happen mostly on the github
repository where the API is being maintained

* on the specific issue of key derivation and alternatives to PKBDF2,
there is a specific ongoing discussion on the topic:

Hope this helps!


Received on Monday, 29 November 2021 08:51:17 UTC