undefined | Better HN

0 pointshvidgaard7y ago0 comments

> You can fix that problem by also adding a PRF (pseudorandom function) that you rate-limit vigorously. Think of a PRF as a keyed hash -- the usual example is HMAC-SHA256. If you're capable of keeping PRF key material safe but might leak a database dump (not unreasonable), the PRF forces the attack to be online: an attacker can only validate guesses as long as they have access to the PRF, and the PRF comes with audit trails and rate limits.

That particular part is assuming security through not knowing the implementation of the security models components, aka. security through obscurity. Rule no. 1 in security, always assume that the adversary knows exactly how everything is implemented and can do that for himself.

0 comments

lvh7y ago

What? A PRF having a secret key is not “security by obscurity.” I am documenting how the entire process works and where the security properties come from.

j / k navigate · click thread line to collapse

0 pointshvidgaard7y ago0 comments

0 comments

lvh7y ago

What? A PRF having a secret key is not “security by obscurity.” I am documenting how the entire process works and where the security properties come from.

j / k navigate · click thread line to collapse