[Cryptography] NIST SP 800-63-3

Matt Palmer mattpalms at gmail.com
Fri Aug 11 12:22:35 EDT 2017


> NIST also recommends another layer of protection using a keyed hash with
> a secret key:

If you are going to make a salt secret and store it in an HSM, why not just
encrypt the password and avoid all this costly memory hard hashing?

Salts were never supposed to be secrets, they exist to increase the cost of
offline attacks, by preventing the use of precomputed rainbow tables.

Arguably with GPU-based attacks, they are only adding a small increase in
work, linear in the number of passwords to be cracked, if they are stored
alongside the hashed password.

But again, if you have a good secret, can you not just encrypt...?

Regards

Matt
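The layering under discussion (public per-user salt, memory-hard hash, then a keyed hash under a secret key) as an added example; this is not code from the post or from NIST, and PEPPER, hash_password and verify_password are names chosen here. The secret key is a constructed placeholder standing in for one held in an HSM or KMS.

```python
import hashlib
import hmac
import os

# Constructed placeholder for the secret key; in a real deployment this lives
# in an HSM/KMS and never sits next to the password database.
PEPPER = bytes.fromhex("11" * 32)

SCRYPT_PARAMS = dict(n=2 ** 14, r=8, p=1, dklen=32)  # ~16 MiB per hash


def hash_password(password: str, salt: bytes = None) -> dict:
    """Return a record {salt, tag} to store alongside the user account."""
    # Salt is public and per-user: it defeats precomputed tables but adds
    # no secret. It is stored in the clear next to the tag.
    salt = salt if salt is not None else os.urandom(16)
    # Stage 1: memory-hard KDF slows every guess, online or offline.
    stretched = hashlib.scrypt(password.encode("utf-8"), salt=salt, **SCRYPT_PARAMS)
    # Stage 2: keyed hash under the secret. Unlike encrypting the password,
    # this is one-way: holding PEPPER lets you verify, not recover, passwords.
    tag = hmac.new(PEPPER, stretched, hashlib.sha256).digest()
    return {"salt": salt, "tag": tag}


def verify_password(password: str, record: dict, pepper: bytes = PEPPER) -> bool:
    """Recompute both stages and compare in constant time."""
    stretched = hashlib.scrypt(password.encode("utf-8"), salt=record["salt"], **SCRYPT_PARAMS)
    tag = hmac.new(pepper, stretched, hashlib.sha256).digest()
    return hmac.compare_digest(tag, record["tag"])


def offline_guess_is_checkable(password: str, record: dict) -> bool:
    """Model an attacker holding only the stolen record (salt + tag), not the
    secret key: with a guessed/wrong pepper the correct password still fails,
    so the leaked database alone does not let guesses be confirmed offline."""
    return verify_password(password, record, pepper=b"\x00" * 32)


if __name__ == "__main__":
    rec = hash_password("correct horse battery staple")
    print("verify ok:", verify_password("correct horse battery staple", rec))
    print("verify wrong pw:", verify_password("Tr0ub4dor&3", rec))
    print("checkable without pepper:", offline_guess_is_checkable("correct horse battery staple", rec))
```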