expanding a password into many keys
Ondrej Mikle
ondrej.mikle at gmail.com
Mon Jun 13 17:36:54 EDT 2005
On 6/12/05, Ian G <iang at systemics.com> wrote:
> I'd like to take a password and expand it into
> several keys. It seems like a fairly simple operation
> of hashing the concatonatonation of the password
> with each key name in turn to get each key.
>
> Are there any 'gotchas' with that?
>
> iang
>
I guess you should use some scheme like PKCS #5 PBKDF2 scheme
(password based key derivation function). The only difference between
your idea and PBKDF2 is that the latter does a lot of hash rounds and
is salted (I guess you pick key name to be static and not random, so
they are not used as salts).
Salting helps a bit against static precomputed hashes and techniques
like rainbow tables.
Ondrej Mikle
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list