Hash Based Key Stretching
A collision prone simple key stretching method:
key = hash(password) for 1 to 65536 do key = hash(key)A better simple key stretching method. ("+" denotes the operation of concatenation):
key = "" for 1 to 65536 do key = hash(key + password)Even better method with a salt:
key = "" for 1 to 65536 do key = hash(key + password + salt)Many libraries provide functions which perform key stretching as part of their function; see crypt(3) for an example. Note that PBKDF2 is for generating an encryption key from a password, and not necessarily for password authentication. PBKDF2 can be used for both if the number of output bits is less than or equal to the internal hashing algorithm used in PBKDF2 which is usually SHA-1 (160 bits) or used as an encryption key to encrypt static data.
Read more about this topic: Key Stretching
Famous quotes containing the words based, key and/or stretching:
“Tempered, gradual animation, the methodical restrain of sensations and energies, the equilibrium of sickness and health in each creature—this is nature’s essence, its immutable law, this is what it’s based on and what it adheres to.”
—Ivan Sergeevich Turgenev (1818–1883)
“Woe to you lawyers! For you have taken away the key of knowledge; you did not enter yourselves, and you hindered those who were entering.”
—Bible: New Testament, Luke 11:52.
“In the continual enterprise of trying to guide appropriately, renegotiate with, listen to and just generally coexist with our teenage children, we ourselves are changed. We learn even more clearly what our base-line virtues are. We listen to our teenagers and change our minds about some things, stretching our own limits. We learn our own capacity for flexibility, firmness and endurance.”
—Jean Jacobs Speizer. Ourselves and Our Children, by Boston Women’s Health Collective, ch. 4 (1978)