Generating AES key by hashing login password?

Daniel Carosone dan at
Fri Aug 29 17:20:08 EDT 2008

On Fri, Aug 29, 2008 at 09:01:26PM +0000, Muffys Wump wrote:
> Master Password: hash(hash(login_password))
> Would this be a good idea if we've used this generated hash as a key for AES?
> Would the hashing be secure enough against different kinds of attacks?

You want to look at something like PKCS#5 for generating keys from passphrases.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
URL: <>

More information about the cryptography mailing list