Encryption using password-derived keys
Alexander Klimov
alserkli at inbox.ru
Wed Nov 30 11:36:21 EST 2005
On Tue, 29 Nov 2005, Jack Lloyd wrote:
> The basic scenario I'm looking at is encrypting some data using a
> password-derived key (using PBKDF2 with sane salt sizes and
> iteration counts). [...] My inclination is to use the PBKDF2 output
> as a key encryption key, rather than using it to directly key the
> cipher (with the key used for the cipher itself being created by a
> good PRNG).
IMO this is too much complicated: just generate random salt with your
PRNG and use PBKDF2(password, salt) as a session key. Since PBKDF2 is
a (xor of) PRF outputs it is (pseudo-)random.
--
Regards,
ASK
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list