submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]

After discovering Tomb, and a few personal issues with it, I decided to write a very similar program that doesn't require root access and compiles to a single binary: Graveyard.

Additional information and source code: GitHub.

Also, sorry about the ugly terminal colors, I recently just switched to Artix and haven't gotten around to making everything look amazing.

Edit: Cleaned up some stuff

[-] [email protected] 19 points 1 year ago

It looks like the key-derivation function used here is just a single iteration of sha256 followed by truncating.

I'm not a security expert, but I'm pretty sure that's insecure.

Consider using PBKDF2 or Argon2.

[-] [email protected] 11 points 1 year ago

Gosh, I've really messed up. Fixing immediately, thank you for bringing this to my attention -- and I apologize to all y'all.

[-] [email protected] 2 points 1 year ago

Again, I'm not a security expert, so maybe your original version was fine for this use case.

But since dedicated password-based key derivation functions exist, you should probably stick to one of those instead of rolling your own.

Thanks for fixing this quickly!
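The difference discussed in this thread, as an added example (not Graveyard's code and not written by anyone in the thread): a single truncated SHA-256 pass next to a salted PBKDF2-HMAC-SHA256 derivation from Python's standard library. The 16-byte key length, the 600,000-iteration work factor and all function names are assumptions made for the illustration; Argon2, the other option named above, needs a third-party package and is not shown.

```python
import hashlib
import hmac
import os
import time
from typing import Optional, Tuple

KEY_LEN = 16                 # assumed key size; the thread does not state the truncation length
SALT_LEN = 16                # random salt stored next to the ciphertext (not secret)
PBKDF2_ITERATIONS = 600_000  # assumed work factor; raise it as hardware allows


def weak_kdf(password: str) -> bytes:
    """The pattern flagged in the comment: one SHA-256 pass, then truncate."""
    return hashlib.sha256(password.encode("utf-8")).digest()[:KEY_LEN]


def derive_key(password: str, salt: Optional[bytes] = None,
               iterations: int = PBKDF2_ITERATIONS) -> Tuple[bytes, bytes]:
    """PBKDF2-HMAC-SHA256 with a per-container salt; returns (key, salt)."""
    if salt is None:
        salt = os.urandom(SALT_LEN)
    if len(salt) < SALT_LEN:
        raise ValueError("salt too short")
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                              salt, iterations, dklen=KEY_LEN)
    return key, salt


def verify(password: str, salt: bytes, expected: bytes,
           iterations: int = PBKDF2_ITERATIONS) -> bool:
    """Re-derive with the stored salt and compare in constant time."""
    key, _ = derive_key(password, salt, iterations)
    return hmac.compare_digest(key, expected)


def seconds_per_guess(fn, *args) -> float:
    """Wall-clock cost of one derivation, i.e. of one offline password guess."""
    start = time.perf_counter()
    fn(*args)
    return time.perf_counter() - start


if __name__ == "__main__":
    pw = "correct horse battery staple"  # constructed sample passphrase
    k1, s1 = derive_key(pw)
    k2, s2 = derive_key(pw)
    print("unsalted hash, same key every time:", weak_kdf(pw) == weak_kdf(pw))
    print("salted PBKDF2, same key across containers:", k1 == k2)
    print("sha256 once  : %.6f s/guess" % seconds_per_guess(weak_kdf, pw))
    print("pbkdf2 600k  : %.6f s/guess" % seconds_per_guess(derive_key, pw, s1))
```

The salt and iteration count have to be stored with the encrypted container so the same key can be re-derived on unlock.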

this post was submitted on 21 Aug 2023
88 points (97.8% liked)