Argon2

  • This KDF was added in v1.12.0.

  • https://en.wikipedia.org/wiki/Argon2 is a key derivation function which won the Password Hashing Competition in 2015. This KDF is recommended as it offers a variety of modes which can be tailored to prevention of GPU attacks, prevention of side-channel attacks, or a combination of both. It allows for a variable output key length.

  • The recommended minimum cost is memory=216 (65,536) KiB, iterations=5, parallelism=8 (as of 4/22/2020 on commodity hardware). The https://password-hashing.net/argon2-specs.pdf Section 9 describes an algorithm used to determine recommended parameters. These parameters should be increased to the threshold at which legitimate systems will encounter detrimental delays (use Argon2SecureHasherTest#testDefaultCostParamsShouldBeSufficient() to calculate safe minimums).

  • The salt format is $argon2id$v=19$m=65536,t=5,p=8$ABCDEFGHIJKLMNOPQRSTUV. The salt is delimited by $ and the four sections are as follows:

    • argon2id - the "type" of algorithm (2i, 2d, 2id). NiFi currently uses argon2id for all salts generated internally.

    • v=19 - the version of the algorithm in decimal (0d19 = 0x13). NiFi currently uses 0d19 for all salts generated internally.

    • m=65536,t=5,p=8 - the cost parameters. This contains the memory, iterations, and parallelism in order.

    • ABCDEFGHIJKLMNOPQRSTUV - the 12-44 character, Base64-encoded, unpadded, raw salt value. This decodes to a 8-32 byte salt used in the key derivation.

Additional Resources