Hash Based Key Stretching
A collision prone simple key stretching method:
key = hash(password) for 1 to 65536 do key = hash(key)A better simple key stretching method. ("+" denotes the operation of concatenation):
key = "" for 1 to 65536 do key = hash(key + password)Even better method with a salt:
key = "" for 1 to 65536 do key = hash(key + password + salt)Many libraries provide functions which perform key stretching as part of their function; see crypt(3) for an example. Note that PBKDF2 is for generating an encryption key from a password, and not necessarily for password authentication. PBKDF2 can be used for both if the number of output bits is less than or equal to the internal hashing algorithm used in PBKDF2 which is usually SHA-1 (160 bits) or used as an encryption key to encrypt static data.
Read more about this topic: Key Stretching
Famous quotes containing the words based, key and/or stretching:
“In tennis, at the end of the day you’re a winner or a loser. You know exactly where you stand.... I don’t need that anymore. I don’t need my happiness, my well-being, to be based on winning and losing.”
—Chris Evert (b. 1954)
“At the last, tenderly,
From the walls of the powerful fortress’d house,
From the clasp of the knitted locks, from the keep of the well-closed doors,
Let me be wafted.
Let me glide noiselessly forth;
With the key of softness unlock the locks—with a whisper,
Set ope the doors O soul.”
—Walt Whitman (1819–1892)
“There was now no road further, the river being the only highway, and but half a dozen log huts, confined to its banks, to be met with for thirty miles. On either hand, and beyond, was a wholly uninhabited wilderness, stretching to Canada.”
—Henry David Thoreau (1817–1862)