Replace Argon2 with Balloon hashing

[govpn.git] / doc / verifierstruct.texi

diff --git a/doc/verifierstruct.texi b/doc/verifierstruct.texi
index 51cf2893e3b2bf564485df76ee36bed9f4d6686b..b199d72faebc09f42b48488179baf1c8724db75e 100644 (file)
--- a/doc/verifierstruct.texi
+++ b/doc/verifierstruct.texi
@@ -1,8 +1,4 @@
 @node Verifier structure
 @node Verifier structure

-@cindex Verifier structure
-@cindex Argon2
-@cindex Argon2d
-@cindex Salt

 @section Verifier structure
 
 Verifier is a derivative of the password. It is resistant to
 @section Verifier structure
 
 Verifier is a derivative of the password. It is resistant to


@@ -10,17 +6,18 @@ dictionary attacks and can not be used for authentication (only
 its verifying).
 
 @verbatim
 its verifying).
 
 @verbatim

-SOURCE = Argon2d(m, t, p, SALT=PeerId, PASSWORD)
+SOURCE = Balloon(PASSWORD, SALT=PeerId, sCost, tCost, pJobs)

 PUB, PRIV = Ed25519.Generate(SOURCE)
 @end verbatim
 
 PUB, PRIV = Ed25519.Generate(SOURCE)
 @end verbatim
 

+Balloon hashing uses BLAKE2b-256 hash. Space cost (sCost), time cost
+(tCost) and number of parallel jobs (pJobs) are specific to Balloon
+implementation.
+

 Verifier is serialized representation of public data above:
 @verbatim
 Verifier is serialized representation of public data above:
 @verbatim

-$argon2d$m=m,t=t,p=p$Base64(SALT)$Base64(PUB)
+$balloon$s=s,t=t,p=p$Base64(SALT)$Base64(PUB)

 @end verbatim
 
 @end verbatim
 

-m, t and p parameters are Argon2d-specific: memory, iterations and
-parallelizm parameters.
-

 Server stores and knows only verifier. Client can compute the whole
 keypair every time he makes handshake.
 Server stores and knows only verifier. Client can compute the whole
 keypair every time he makes handshake.