SAE: Increase security parameter k to 40 based on Dragonfly recommendation

draft-irtf-cfrg-dragonfly recommends implementation to set the security parameter, k, to a value of at least 40. This will make PWE generation take significantly more resources, but makes it more likely to hide timing differences due to different number of loops needed to find a suitable PWE. Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-24 20:47:08 +03:00 · 2015-06-24 20:47:08 +03:00 · 4584b66eae
commit 4584b66eae
parent fdd731bd4a
1 changed files with 1 additions and 1 deletions
--- a/src/common/sae.c
+++ b/src/common/sae.c
@ -290,7 +290,7 @@ static int sae_derive_pwe_ecc(struct sae_data *sae, const u8 *addr1,
 			      const u8 *addr2, const u8 *password,
 			      size_t password_len)
 {
-	u8 counter, k = 4;
+	u8 counter, k = 40;
 	u8 addrs[2 * ETH_ALEN];
 	const u8 *addr[2];
 	size_t len[2];