gpt4 book ai didi

postgresql - PostgreSQL 10 中的 scram-sha-256 设置使用多少次迭代?

转载 作者:行者123 更新时间:2023-11-29 12:03:14 27 4
gpt4 key购买 nike

在 PostgreSQL 10 中,scram-sha-256 设置使用多少次迭代?

docs just say

Setting this parameter to scram-sha-256 will encrypt the password with SCRAM-SHA-256.

build log reads .

Add SCRAM-SHA-256 support for password negotiation and storage (Michael Paquier, Heikki Linnakangas) This proves better security than the existing md5 negotiation and storage method.

最佳答案

它是 scram-common.h 中的编译时变量,称为 SCRAM_ITERATIONS_DEFAULT .目前设置为 4096。

这基本上符合 2015 年 11 月引用的规范“经验法则”为 15,000。它目前是允许迭代的最低值。来自 RFC-7677

The strength of this mechanism is dependent in part on the hashiteration-count, as denoted by "i" in [RFC5802]. As a rule of thumb,the hash iteration-count should be such that a modern machine willtake 0.1 seconds to perform the complete algorithm; however, this isunlikely to be practical on mobile devices and other relatively low-performance systems. At the time this was written, the rule of thumbgives around 15,000 iterations required; however, a hash iteration-count of 4096 takes around 0.5 seconds on current mobile handsets.This computational cost can be avoided by caching the ClientKey(assuming the Salt and hash iteration-count is stable). Therefore,the recommendation of this specification is that the hash iteration-count SHOULD be at least 4096, but careful consideration ought to begiven to using a significantly higher value, particularly wheremobile use is less important.

关于postgresql - PostgreSQL 10 中的 scram-sha-256 设置使用多少次迭代?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/43667908/

27 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com