Welcome! Log In Create A New Profile

Advanced

[PHP-DEV] [RFC][DISCUSSION] Argon2id in Password Hash

Posted by Charles R. Portwood II 
Charles R. Portwood II
[PHP-DEV] [RFC][DISCUSSION] Argon2id in Password Hash
February 05, 2018 05:10PM
Hello Internals,

I would like to propose adding Argon2id to the password_* functions in PHP
7.3.

An RFC[1] has been prepared which covers implementation details, and some
common questions & concerns that I have anticipated. This RFC also includes
a tested and working implementation[2] to illustrate changes to PHP itself.

The biggest question at this time is how we want to handle versioning of
the Argon2 reference library. The RFC covers this issue in detail and
provides a solution that ensures no BC breakage for existing users.

I look forward to hearing your feedback. Thanks.

[1] https://wiki.php.net/rfc/argon2_password_hash_enhancements
[2]: https://github.com/php/php-src/compare/master...
charlesportwoodii:argon2_password_hash_enhancements?expand=1

---

Charles R. Portwood II
Sorry, only registered users may post in this forum.

Click here to login