undefined | Better HN

0 pointspiracykills8y ago0 comments

Well, in my amateurish opinion - there was nothing wrong with the existing AES encryption implementation. But they also had a key derivation function based on running many iterations of AES, which was weird and non-standard, I mean it seemed like it would work, but it's not proven in the cryptographic community. Now they've switched to Argon2 which is a very well reviewed KDF and I have a lot more faith in that.

Code for the old KDF is here if anyone's interested: https://github.com/keepassxreboot/keepassxc/blob/7a55ab64d83...

0 comments

3 comments · 1 top-level

therealmarv8y ago· 2 in thread

How can I switch to the new system and new format easily?

zaarn8y ago

In KPXC, simply open the database settings, switch into the security window and select Encryption method and KDF. Then save your database. Done.

purerandomness8y ago

Just save the database file in the new format.

j / k navigate · click thread line to collapse