PHC
spec
In order to understand hex and type parameters read HASH
Argon2
spec
Description: Password hashing winner of PHC.
Outputs: Variable
Uses: Highest resistance against GPU cracking attacks, safest against side-channel attacks.
How to ???
Copy import requests
import json
import os , binascii
def sending ( message ):
url = 'http://127.0.0.1:6613/'
response = requests . post (url, data = message)
print response . content
return response . content
def argon ( data_js ):
req = json . loads (data_js)
print "Hash passwd \n " + json . dumps (req) + "\n"
data_js_n = sending (json. dumps (req))
answ = json . loads (data_js_n)
print "Recived Argon2 hash: \n" + (json . dumps (answ) ) + "\n\n\n"
verify= '{ "version": 1 , "algorithm":"ARGON2" ,"family":"argon2i","plaintext": "Hello world!","hex":0,"pwd":"", "operation":"verify"}';
req = json . loads (verify)
req [ "pwd" ] = answ [ "hash" ]
print "Verify passwd \n " + json . dumps (req) + "\n"
data_js_n = sending (json. dumps (req))
answ_1 = json . loads (data_js_n)
print "Recived Argon verification: \n" + (json . dumps (answ_1) ) + "\n\n\n"
argon2_js='{ "version": 1 , "algorithm":"ARGON2" ,"family":"argon2i","plaintext": "Hello world!","t_cost":10,"m_cost":16,"parallelism":4,\
"salt" : "ABABABABABABABABABABABABABABABAB" , "hashlen" : 32 , "hex" : 0 , "operation" : "hash" } '
argon (argon2_js) In this example We generate hash and validate password with argon2i from string Hello world! with t_cost, m_cost, parallelism and salt parameters given.
In order to understand t_cost, m_cost, parallelism and salt parameters, please read spec .
On argon2_js["family"] can be one of {argon2i, argon2d, argon2id}
On argon2_js["operation"] can be {hash, verify}
ARGON2 only supports "type":"string"
Json to hash
Copy { "version" : 1 , "algorithm" : "ARGON2" , "family" : "argon2 flavor" ,
"plaintext" : "your password" , "t_cost" : INT , "m_cost" : INT , "parallelism" : INT ,
"salt" : "hex string" , "hashlen" : INT , "hex" : BOOL , "operation" : "hash" } Json to verify
Copy { "version" : 1 , "algorithm" : "ARGON2" , "family" : "argon2 flavor" ,
"plaintext" : "your password" , "hex" : BOOL , "pwd" : "Hex (hash arong2 string) " ,
"operation" : "verify" } In this tutorial We are protecting user's credentials with TLS and Argon2. It means the information is protected in motion, at rest, in use. End to end user credentials protection
