Since PBKDF2 is fairly easy with modern GPU’s and the offical bitwarden is adding scrypt or argon2 (have heard both)support is there any plans to do the same?
Not sure where you have read that Bitwarden is going to scrypt. They are adding Argon2id support though. But thats it as far as i know.
Also that is all client side, and Vaultwarden doesn’t do anything with encryption at all. Besides storing the received password hash in a safe way. And using some certs for generating JWT’s.
Yep wasn’t sure which one they where using and looked it up and was in a scrypt thread on github so though they where going that way.
Not totally client side and vaultwarden does 1000 PKBD2 iterations on what the client sends it. I guess it could still do that.
Do you have a link?
Also the password hash was done 100_000 iterations at Vaultwarden before. Now it’s 600_000 in the current testing tagged images.
Here is a link to the community discussion for scrypt as well as all the related PRs.
Same member who is working with the Bitwarden team to implement Argon2, though as I understand they are focusing on Argon2 KDF and have put scrypt KDF on hold for now.
I even think they aren’t going to add scrypt at all looking at the PR. They only want to add Argon2id as a non-fips crypt engine.
That’s my interpretation from what I was seeing. Argon2 only for now.