BSI-Dokument genauer angeschaut, Obergrenze auf 127-Bit festgelegt. Performance-Test folgt am Montag(da lange Buildzeiten?).

App_Code/VERAG_VARIABLES.vb

@@ -50,7 +50,7 @@ Public Class VERAG_VARIABLES
             Argon.Salt = salt
             Argon.DegreeOfParallelism = 28
             Argon.Iterations = nIterations * VERAG_VARIABLES.RandomInteger(2, 7)
-            Argon.MemorySize = (((nIterations * 19.685 - (nIterations * 0.56) / 1.85 * 2.28) / 10.28) + 1.024 * 416)
+            Argon.MemorySize = (((nIterations * 9.685 - (nIterations * 0.56) / 1.85 * 2.28) / 10.28) + 1.024 * 416)
             Return Argon.GetBytes(nHash)
         End If
 
@@ -71,7 +71,7 @@ Public Class VERAG_VARIABLES
             Argon.Salt = salt
             Argon.DegreeOfParallelism = 38
             Argon.Iterations = nIterations * VERAG_VARIABLES.RandomInteger(2, 7)
-            Argon.MemorySize = (((nIterations * 19.685 - (nIterations * 0.56) / 1.85 * 2.28) / 10.28) + 1.024 * 416)
+            Argon.MemorySize = (((nIterations * 9.685 - (nIterations * 0.56) / 1.85 * 2.28) / 10.28) + 1.024 * 416)
             Return Await Argon.GetBytesAsync(nHash)
         End If
     End Function

Global.asax

@@ -18,7 +18,7 @@
 
     void Application_End(object sender, EventArgs e)
     {
-
+         Session.RemoveAll
     }
 
     void Application_Error(object sender, EventArgs e)
@@ -31,6 +31,7 @@
 
     void Session_Start(object sender, EventArgs e)
     {
+       
         // Code, der ausgeführt wird, wenn eine neue Sitzung gestartet wird
         VERAG_VARIABLES.initerrorcount();
     }
@@ -49,5 +50,6 @@
         Session.Remove("test");
         Session.Remove("PW");
         Session.Remove("IDOFCKBOX");
+        Session.RemoveAll();       
     }
 </script>

login/login_FLEX.aspx.vb

@@ -25,12 +25,12 @@ Partial Class login_FLEX
 
                 If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
                     intzahliterats = VERAG_VARIABLES.RandomInteger(Math.Pow(2, 7), Math.Pow(2, 10))
-                    teststr = Await TestPerformance.TestHashrateServerAsync(VERAG_VARIABLES.RandomInteger(95, Math.Pow(2, 10)))
+                    teststr = Await TestPerformance.TestHashrateServerAsync(VERAG_VARIABLES.RandomInteger(95, Math.Pow(2, 7)))
 
 
                 Else
                     intzahliterats = VERAG_VARIABLES.RandomInteger(Math.Pow(2, 10), Math.Pow(2, 12))
-                    teststr = Await TestPerformance.TestHashrateServerAsync(VERAG_VARIABLES.RandomInteger(95, Math.Pow(2, 10)))
+                    teststr = Await TestPerformance.TestHashrateServerAsync(VERAG_VARIABLES.RandomInteger(95, Math.Pow(2, 7)))
                 End If
                 If String.Equals(teststr, String.Empty) = False Then
                     intzahliterats = VERAG_VARIABLES.getiterationnumber
@@ -258,7 +258,7 @@ Partial Class login_FLEX
                                 Login1.FailureText = VERAG_VARIABLES.geterrornumb + "Username is not in the database!"
                             End If
                             If String.Equals(tb3.Text, dr("Password")) = True Then
-                                intzahl = VERAG_VARIABLES.RandomInteger(95, Math.Pow(2, 10))
+                                intzahl = VERAG_VARIABLES.RandomInteger(95, Math.Pow(2, 7))
                                 salt = VERAG_VARIABLES.GenerateSalt(intzahl)
                                 Dim hashpw As Byte() = Await VERAG_VARIABLES.HashPasswordAsync(passw, salt, intzahliterats, intzahl)
                                 If Await VERAG_VARIABLES.VerifyhashAsync(dr("Password").ToString, salt, hashpw, intzahliterats, intzahl) = True Then