Generating AES key by hashing login password?

Jon Callas jon at
Fri Aug 29 21:13:23 EDT 2008

> We were wondering if it was possible to use a hash function instead.
> Using the password he provided at the login screen and hash it n  
> times.
> Master Password: hash(hash(login_password))
> Would this be a good idea if we've used this generated hash as a key  
> for AES?
> Would the hashing be secure enough against different kinds of attacks?

The short answer is yes. A better answer is that you want to salt the  
password before you hash it many times, to keep from having rainbow  
tables created. Another better answer is that you want to hash many  
times to slow down password crackers.

As others have mentioned, there are standards that can show you the  
way. PKCS#5 has a mechanism for this. OpenPGP does, too. They're  
subtly different, and understanding the differences can help you roll  
your own.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list