Fix default KDF

Inconsistency in KDF documentation fixed.
2019-10-25 13:33:48 +02:00 · 2019-10-25 13:33:48 +02:00 · 1469d83a96
commit 1469d83a96
parent 78104a8b87
2 changed files with 2 additions and 2 deletions
--- a/README.md
+++ b/README.md
@ -26,7 +26,7 @@ allow for easy code review. It exclusively uses fixed message lengths.

 The key database is encrypted itself, using AES256-GCM, a 128 bit randomized
 initialization vector and authenticated with a 128 bit authentication tag. Key
-derivation is done using scrypt with N = 131072 = 2^18, r = 8, p = 1.
+derivation is done using scrypt with N = 262144 = 2^18, r = 8, p = 1.

 ## Dependencies
 OpenSSL v1.1 is required for luksrku.
--- a/file_encryption.h
+++ b/file_encryption.h
@ -38,7 +38,7 @@ enum kdf_t {
 	KDF_PBKDF2_MAX = KDF_PBKDF2_MIN + 0,
 };

-#define ENCRYPTED_FILE_DEFAULT_KDF			KDF_SCRYPT_N17_r8_p1
+#define ENCRYPTED_FILE_DEFAULT_KDF			KDF_SCRYPT_N18_r8_p1
 #define ENCRYPTED_FILE_SALT_SIZE			16
 #define ENCRYPTED_FILE_KEY_SIZE				32
 #define ENCRYPTED_FILE_AUTH_TAG_SIZE		16