Iterationen angepasst und Verhashungsalgortithmus entschlankt laut https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSI-TR-02102.pdf?__blob=publicationFile muss es mind 95 bit langer salt sein.

App_Code/VERAG_VARIABLES.vb

@@ -9,7 +9,7 @@ Public Class VERAG_VARIABLES
         If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
             Return RandomInteger(Math.Pow(2, 4), Math.Pow(2, 6))
         Else
-            Return RandomInteger(Math.Pow(2, 5), Math.Pow(2, 10))
+            Return RandomInteger(Math.Pow(2, 8), Math.Pow(2, 10))
         End If
     End Function
 
@@ -50,7 +50,7 @@ Public Class VERAG_VARIABLES
             Argon.Salt = salt
             Argon.DegreeOfParallelism = 8
             Argon.Iterations = nIterations * VERAG_VARIABLES.RandomInteger(2, 7)
-            Argon.MemorySize = (((nIterations * 24.685 - (nIterations * 0.56) / 1.85 * 2.28) / 10.28) + 1.024 * 416)
+            Argon.MemorySize = (((nIterations * 8.685 - (nIterations * 0.56) / 1.85 * 2.28) / 10.28) + 1.024 * 416)
             Return Argon.GetBytes(nHash)
         End If
 
@@ -69,7 +69,7 @@ Public Class VERAG_VARIABLES
         Else
             Dim Argon As Argon2id = New Argon2id(Encoding.UTF8.GetBytes(VERAG_PROG_ALLGEMEIN.cCryptography3.Encrypt(password)))
             Argon.Salt = salt
-            Argon.DegreeOfParallelism = 8
+            Argon.DegreeOfParallelism = 18
             Argon.Iterations = nIterations * VERAG_VARIABLES.RandomInteger(2, 7)
             Argon.MemorySize = (((nIterations * 24.685 - (nIterations * 0.56) / 1.85 * 2.28) / 10.28) + 1.024 * 416)
             Return Await Argon.GetBytesAsync(nHash)

login/login_FLEX.aspx.vb

@@ -25,12 +25,12 @@ Partial Class login_FLEX
 
                 If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
                     intzahliterats = VERAG_VARIABLES.RandomInteger(Math.Pow(2, 7), Math.Pow(2, 11))
-                    teststr = Await TestPerformance.TestHashrateServerAsync(VERAG_VARIABLES.RandomInteger(2, Math.Pow(2, 10)))
+                    teststr = Await TestPerformance.TestHashrateServerAsync(VERAG_VARIABLES.RandomInteger(Math.Pow(2, 7), Math.Pow(2, 10)))
 
 
                 Else
                     intzahliterats = VERAG_VARIABLES.RandomInteger(Math.Pow(2, 10), Math.Pow(2, 17))
-                    teststr = Await TestPerformance.TestHashrateServerAsync(VERAG_VARIABLES.RandomInteger(Math.Pow(2, 5), Math.Pow(2, 10)))
+                    teststr = Await TestPerformance.TestHashrateServerAsync(VERAG_VARIABLES.RandomInteger(Math.Pow(2, 7), Math.Pow(2, 10)))
                 End If
                 If String.Equals(teststr, String.Empty) = False Then
                     intzahliterats = VERAG_VARIABLES.getiterationnumber
@@ -201,7 +201,7 @@ Partial Class login_FLEX
             reqfieldvalpassw_M.Enabled = False
             reqfieldvalpassw.Validate()
             If reqfieldvalpassw.IsValid = True Then
-                intzahl = VERAG_VARIABLES.RandomInteger(Math.Pow(2, 6), Math.Pow(2, 10))
+                intzahl = VERAG_VARIABLES.RandomInteger(97, Math.Pow(2, 10))
                 Dim hashpw1 As Byte() = Await VERAG_VARIABLES.HashPasswordAsync(tb3.Text, salt, intzahliterats, intzahl)
                 passw = tb3.Text
             End If
@@ -210,7 +210,7 @@ Partial Class login_FLEX
             reqfieldvalpassw.Enabled = False
             reqfieldvalpassw_M.Enabled = True
             reqfieldvalpassw_M.Validate()
-            intzahl = VERAG_VARIABLES.RandomInteger(Math.Pow(2, 6), Math.Pow(2, 10))
+            intzahl = VERAG_VARIABLES.RandomInteger(97, Math.Pow(2, 10))
             If reqfieldvalpassw_M.IsValid = True Then
                 Dim hashpw_M As Byte() = Await VERAG_VARIABLES.HashPasswordAsync(tb3_M.Text, salt, intzahliterats, intzahl)
                 passw = tb3_M.Text