The third part of this series presented PBKDF2 as a modern key derivation and password hashing algorithm. But PBKDF2 has its limitations; for best protection against password cracking the iteration count (defining the computing power needed to hash a password) should be chosen as high as possible. On the other hand, a higher iteration count also means that a login of a regular user will be slower. The maximal time users are prepared to wait for a successfull login will limit the maximal iteration count which you can choose for the available computing power.
For some time we could at least assume that all but the most resourcefull attackers will have roughly the same computing power at hand as the defenders have on their login servers. An attacker might be able to set up (and finance) hardware to hash passwords 100 or even 1000 times faster than a server, but this could be compensated for by a sufficiently high iteration count. However, by using hardware specialized towards massively parallel execution of hashing operations the relation of the average servers and the potential attackers “hashing power” shifted more and more to the advantage of the attacker. Hashing algorithms like the scrypt algorithm presented in this Blog article attempt to shift this relation back in favor of the defender.
The last part of this series presented a fairly serious password hashing algorithm using an HMAC and a salt value. However, as this article will show, this construction can be much improved, dramatically raising the “price” for an attacker to crack a password hash.
While my colleague at Point Software, François Scheurer, is working on his next article of how to make a chess game in the Scala programming language, we will use our know-how gained in the last two parts of this series to build the frontend of the game.
In this blog article I will show the different types of secret sharing methods especially the common used Shamires secret sharing method. Thereafter I will explain the mathematical background of this procedure.
What is Secret Sharing about?
Let’s start with the following situation. A big heritage should be distributed over 6 heirs. The heritage is stored in
If you are looking for information to use free libraries to convert and resize video files within a Scala or Java project, you may probably have cross the road of an open source project called Xuggle .
This library is written in Java but is using native code from ffmpeg (another open source project) for the many video and audio codecs.
This tutorial will guide you to:
build the Xuggle project on Debian Linux
write a sample class in Java and Scala to use Xuggle
In the first part of this blog series we have forked Point Software’s Scala Hack Session and cloned a remote repository on a local machine using EGit. In this second part you will learn how to make changes, use branches, commit on your local repository and then pushing it all to your remote project.
As you will see below you will get a better understanding of Git and GitHub, learn to use best practices and avoid some obstacles.