Hacker News new | past | comments | ask | show | jobs | submit login

I don't think this is really suitable for web applications. Javascript really sucks at crypto (due to the lack of suitable data types), and requiring Java wouldn't fly with too many people (Flash is sort of in-between, I guess?). There is a very large constant factor here, so and since the whole point of this key derivation stuff is to make an attacker work harder...

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact