Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-2100

Make the number of BCrypt rounds configurable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: EJBCA 4.0.0
    • Fix Version/s: EJBCA 4.0.2
    • Component/s: PKI core
    • Labels:
      None

      Description

      Using TPTP (http://www.eclipse.org/tptp/) profiling it looks like the BCrypt secure password hash is indeed computation expensive (this is by design, see http://www.mssl.ucl.ac.uk/~pal/provos_bcrypt.pdf).
      The time spent on password hashes are about 200 times the time spent on logging using the OldLogDevice when profiling.
      Even though it is important to resist an off-line attack against the passwords in the UserData table, we need to remember that these are normally used as "one time passwords" and have a very short life.

      It seems more reasonable for EJBCA to BCrypt with a less costly number of rounds. E.g. preferably with a cost comparable to other operations.

      • The lowest allowed cost in the jBCrypt implementation is 4 and we modify the code to allow 1 round and make this configurable.
      • It should be possible to disable BCrypt with the configuration (0) to perform proper performance comparison between 3.11 and 4.0 branch.
      • If "app.version.effective" is 3.11, BCrypt should not be used (100% uptime requirement)

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              johan Johan Eklund
              Reporter:
              johan Johan Eklund
              Verified by:
              Mike Agrenius Kushner
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: