• Markaos
    link
    fedilink
    arrow-up
    4
    ·
    5 months ago
    def generate_proof_of_work_key(initial_key, time_seconds):
        proof_key = initial_key
        end_time = time.time() + time_seconds
        iterations = 0
        while time.time() < end_time:
            proof_key = scrypt(proof_key, salt=b'', N=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, key_len=SCRYPT_KEY_LEN)
            iterations += 1
        print(f"Proof-of-work iterations (save this): {iterations}")
        return proof_key
    
    
    def generate_proof_of_work_key_decrypt(initial_key, iterations):
        proof_key = initial_key
        for _ in range(iterations):
            proof_key = scrypt(proof_key, salt=b'', N=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, key_len=SCRYPT_KEY_LEN)
        return proof_key
    

    The first function is used during the encryption process, and the while loop clearly runs until the specified time duration has elapsed. So encryption would take 5 days no matter how fast your computer is, and to decrypt it, you’d have to do the same number of iterations your computer managed to do in that time. So if you do the decryption on the same computer, you should get a similar time, but if you use a different computer that is faster at doing these operations, it will decrypt it faster.

    • Redjard@lemmy.dbzer0.com
      link
      fedilink
      arrow-up
      2
      ·
      5 months ago

      What is the threat szenario?
      If you are smart about parallelization and have access to custom hardware, couldn’t you turn 5 days into 1 hour or less?

      • Markaos
        link
        fedilink
        arrow-up
        2
        ·
        5 months ago

        Yes, that’s exactly the problem - there’s nothing wrong with the encryption used, but it’s IMHO incorrect to call it time-based when it’s “work-based” and it just so happens that the specific computer doing the encryption works at a given speed.

        I don’t call my laptop’s FDE time-based encryption just because I picked an encryption that takes it 10 seconds to decrypt the key.