From: lauri.kentta@gmail.com (Lauri Kenttä)
To: "Charles R. Portwood II"
Cc: Tom Worster, PHP internals
Date: Fri, 05 Aug 2016 23:51:50 +0300
Subject: Re: [PHP-DEV] Re: [RFC][DISCUSSION] Argon2 Password Hash

On 2016-08-05 21:20, Charles R. Portwood II wrote:
> On Fri, Aug 5, 2016 at 12:12 PM, Tom Worster wrote:
>>
>> I can understand an argument that it's too much to expect a user to
>> provide an options array when using Argon2. But I don't understand how my
>> suggestion breaks BC. In my idea, a future RFC would propose default cost
>> constants. Changing PASSWORD_DEFAULT to PASSWORD_ARGON2I depends on those
>> constants so they would need to be defined before changing
>> PASSWORD_DEFAULT or at the same time. So...
>>
>> password_hash('password', PASSWORD_DEFAULT) will always work.
>>
>> password_hash('password', PASSWORD_ARGON2I) works as soon as Argon2 is
>> introduced in your proposal, but has to wait for another future RFC in my
>> suggested change.
>>
>> password_hash('password', PASSWORD_ARGON2I, [costs]) will always work.
>>
>> How does a BC break happen?
>>
>> Tom
>>
>
> Hi Tom,
>
> It breaks the API in the interim between this RFC and a potential future
> one. The $options parameter for both password_hash and
> password_needs_rehash is optional. Making it required for one algorithm but
> not another changes the APIs for both methods. The expectations outlined
> in the original password_hash RFC make the third parameter for tuning the
> algorithm, not for making the algorithm work. Without default values, both
> password_hash and password_needs_rehash would fail unless the costs are
> provided.
>

I think it's very important to provide some kind of default parameters.

We have password_needs_rehash for the exact reason that we can later
change the defaults if they are not good enough (anymore).

If the defaults are not set, people will have to invent their own
parameters, which may be good or very bad. These parameters will not be
automatically updated with future versions of PHP.

There is nothing to lose from setting some sane defaults.
There is nothing to gain from NOT setting the defaults.

About the memory requirements: setting the memory cost too high may
limit using this algorithm in many inexpensive shared web hosting
services, which may have a default PHP memory limit as low as 128 MB or
256 MB.

-- 
Lauri Kenttä
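
The upgrade path this message relies on, as an added example that is not part of the original e-mail: a login routine that passes no options, so stored hashes follow whatever defaults the running PHP version ships. The user table, user name and passwords are constructed, and bcrypt through PASSWORD_DEFAULT is an assumption standing in for the algorithm, since the Argon2 defaults were still under discussion in this thread.

```php
<?php
declare(strict_types=1);

// Constructed in-memory "user table" standing in for a real database.
// The stored hash uses an explicit, low bcrypt cost to simulate a hash
// created under an older, weaker default.
$users = [
    'alice' => password_hash('correct horse', PASSWORD_BCRYPT, ['cost' => 4]),
];

/**
 * Verify a login and transparently upgrade the stored hash.
 * No $options array is passed anywhere, so the cost parameters are
 * whatever this PHP version defines as the default for PASSWORD_DEFAULT.
 */
function login(array &$users, string $name, string $password): bool
{
    if (!isset($users[$name]) || !password_verify($password, $users[$name])) {
        return false;
    }
    // True when the stored hash's algorithm or costs differ from the
    // current defaults; the plaintext is only available at login time,
    // so this is the moment to re-hash.
    if (password_needs_rehash($users[$name], PASSWORD_DEFAULT)) {
        $users[$name] = password_hash($password, PASSWORD_DEFAULT);
    }
    return true;
}

// Describe a stored hash by the algorithm and costs encoded in it.
function describe(string $hash): string
{
    $info = password_get_info($hash);
    return $info['algoName'] . ' ' . json_encode($info['options']);
}

echo 'before: ', describe($users['alice']), PHP_EOL;

// A failed login must leave the stored hash untouched.
var_dump(login($users, 'alice', 'wrong password'));
echo 'after failed login: ', describe($users['alice']), PHP_EOL;

// A successful login re-hashes with the current defaults.
var_dump(login($users, 'alice', 'correct horse'));
echo 'after successful login: ', describe($users['alice']), PHP_EOL;

// Once upgraded, the hash matches the defaults and needs no further work.
var_dump(password_needs_rehash($users['alice'], PASSWORD_DEFAULT));
```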