this post was submitted on 30 Jun 2024
23 points (82.9% liked)
Open Source
31044 readers
542 users here now
All about open source! Feel free to ask questions, and share news, and interesting stuff!
Useful Links
- Open Source Initiative
- Free Software Foundation
- Electronic Frontier Foundation
- Software Freedom Conservancy
- It's FOSS
- Android FOSS Apps Megathread
Rules
- Posts must be relevant to the open source ideology
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
- !libre_culture@lemmy.ml
- !libre_software@lemmy.ml
- !libre_hardware@lemmy.ml
- !linux@lemmy.ml
- !technology@lemmy.ml
Community icon from opensource.org, but we are not affiliated with them.
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
If I'm reading the code correctly, this uses the duration of your "time lock" as the duration for how long it will perform scrypt operations on the key derivation.
In other words, if you say you want to "lock" the secret for 5 days, the code will perform scrypt to generate the key for 5 days!!! Then it expects you to remember the iteration count to decrypt it.
I don't see any use case where that's a useful mechanism. Especially since it ignores other computers are likely faster at scrypt then yours is.
If it really works like this, the time lock would vary depending on the device. Encrypt for a long time on a potato, decrypt in seconds on a good computer.