Stack Overflow
Stack Overflow

Questions tagged [argon2-ffi]

Argon2 is a hashing algorithm, primarily for password hashing. Use with specific language tags for questions regarding implementation

Argon2 is a hashing algorithm designed for the Password Hashing Competition, which it ultimately won. From the GitHub repository

Argon2 is a password-hashing function that summarizes the state of the art in the design of memory-hard functions and can be used to hash passwords for credential storage, key derivation, or other applications.

It has a simple design aimed at the highest memory filling rate and effective use of multiple computing units, while still providing defense against tradeoff attacks (by exploiting the cache and memory organization of the recent processors).

Argon2 has been implemented in a number of programming languages. Questions should pertain to using it within those languages.

78 questions
3
votes
1 answer

BCrypt vs Argon2 and their hashing algorithms

i am working in a startup company providing software services and recently we have set security standards for encryption. For hashing, the standards that were set was we should use SHA-512 or SHA-256. For Java, We are considering using Bcrypt of…
lecarpetron dookmarion
  • 519
  • 2
  • 7
  • 18
3
votes
0 answers

Issue installing node Argon2 on macbook

Attempting to install node argon2 on MacBook 2019. I would expect it to succeed Followed instruction on npm - argon2 CXX=g++-6 npm install argon2 Error messages: make: g++-6: No such file or directory
Chris Hunter-Johnson
  • 414
  • 5
  • 19
3
votes
1 answer

Argon2 example using BouncyCastle library

Since version 1.61, the BouncyCastle library supports the Argon2 password based key derivation function. However, I cannot find an example how to use the Argon2 algorithm through the BouncyCastle API. Can someone give a hint? Thanks a lot.
haui
  • 567
  • 5
  • 18
3
votes
2 answers

Should I encrypt my password after I hashed it? If so how to properly do it?

I am trying to get a better understanding on Hashing and Encryption, however I stumbled upon questions that I can't seem to find in Google because Google keep offering basic difference of Hashing and Encryption, which I already read. More over a…
Irfandy Jip
  • 1,308
  • 1
  • 18
  • 36
3
votes
1 answer

Argon2i in PHP7 - Picking Appropriate Options

What values should I use for generating Argon2i hashes and how can I find the appropriate settings my hardware can afford? Namely: memory_cost time_cost threads as: $options = [ 'memory_cost' => 1<<17, 'time_cost' => 4, 'threads' …
Archer Sylus
  • 33
  • 4
2
votes
0 answers

GLIBC_2.25 not found when tyring using argon2 in nodejs

this is the response i got when i run node file `node:internal/modules/cjs/loader:1210 return process.dlopen(module, path.toNamespacedPath(filename)); ^ Error: /lib64/libc.so.6: version GLIBC_2.25' not found (required by…
rizky2609
  • 21
  • 1
2
votes
0 answers

How to install argon2 without downloading prebuild binaries each time with npm install?

I have the problem, that npm install always fails in my project in my continuous integration system (windows OS) because of the npm library argon2 (https://www.npmjs.com/package/argon2). Here is the log: ... > keytar@7.9.0 install…
Siminho
  • 109
  • 1
  • 2
  • 6
2
votes
3 answers

Invalid ELF Header - Argon2 package

I am running to an error that says "Invalid ELF header" for a package called "argon2". When uploading my code to AWS Lambda through the serverless framework. The code runs perfectly when running locally. Development on MacOS Big Sur version…
Michael Remy
  • 23
  • 1
  • 4
2
votes
0 answers

Argon2id hash time highly variable on J2EE webapplication

We have a large Java web application and have to switch the hashing algorithm to Argon2id. We did a load test with 20 concurrent logins to get a feel for the response times and find the right parameters. (In production, there are 3x as much…
Nordic
  • 61
  • 5
2
votes
0 answers

PHP Argon2 memory usage not reflected by memory_get_peak_usage

I want to use Argon2 as the hashing algorithm for the passwords in my system and I'm trying to find the right parameters to set for it. I'm using PHP. While testing a few variations, I tried to see how's the memory impacted by using Argon2. The…
MaxiWheat
  • 6,133
  • 6
  • 47
  • 76
2
votes
0 answers

Is it necessary to worry about timing attacks when comparing SHA256 or Argon2 hashes?

I have implemented Argon2 hashing algorithm for password hashing. I am worry about my code, it may vulnerable to timing attack. public static boolean login(String mailId, String password) { List userList = findByMailId(mailId); if…
Victory
  • 1,184
  • 2
  • 11
  • 30
2
votes
1 answer

Unable to install Python argon2_cffi

I am trying to install argon2_cffi in my python 3.5 virtual environment without using pip. I have downloaded the package from github . When I am trying to install this , python setup.py build or install , it fails with the error running…
Thomas John
  • 2,138
  • 2
  • 22
  • 38
2
votes
1 answer

Using libsodium.crypto_pwhash (Argon2) in Node

I am having trouble getting crypto_pwhash_str working in my Node project. I imported the libsodium-wrappers-sumo and libsodium-sumo libraries properly and am able to call other functions with success. My call to the problematic function looks like…
TovrikTheThird
  • 471
  • 2
  • 7
  • 20
1
vote
1 answer

Which hashing algorithm to use for API key?

My web application issues API keys to clients and I want to hash the API key in my database. However, it seems that if I follow best practices, whereby every hash has a different salt, then I cannot look up a user by their API key in my DB. So my…
poundifdef
  • 18,726
  • 23
  • 95
  • 134
1
vote
0 answers

Argon2 hash to use for disabled accounts

For the Python argon2 library, I would like a simple hash value that is not the hash of any actual password, and yet will raise argon2.exceptions.VerifyMismatchError rather than another exception when checked. I am looking for a way to disable…
bitinerant
  • 1,168
  • 7
  • 24
1
2
3 4 5 6