[Cryptography] NIST SP 800-63-3

Shreyas Zare shreyas at technitium.com
Sat Aug 12 01:13:36 EDT 2017


On Fri, Aug 11, 2017 at 9:52 PM, Matt Palmer <mattpalms at gmail.com> wrote:

> > NIST also recommends another layer of protection using a keyed hash with
> a secret key:
>
> If you are going to make a salt secret and store it in an HSM, why not
> just encrypt the password and avoid all this costly memory hard hashing?
>
> Salts were never supposed to be secrets, they exist to increase the cost
> of offline attacks, by preventing the use of precomputed rainbow tables.
>
> Arguably with GPU based attacks, they are only adding a small increase in
> work, linear in the number of passwords to be cracked, if they are stored
> alongside the hashed password.
>
> But again, if you have a good secret,  can you not just encrypt...?
>


With encryption, if the secret key gets compromised, then it's as good as
having plain text passwords. With a keyed hash you will still need to have
some resources to crack it.

*Shreyas Zare*
Technitium <https://technitium.com/>
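The distinction in the reply above, as an added, runnable example that is not part of the original post: a slow salted hash followed by an HMAC with a secret key ("pepper") is compared with simply encrypting the password under a secret key. Assumptions: PBKDF2-HMAC-SHA256 stands in for the memory-hard function NIST describes, and a toy PRF-in-counter-mode stream cipher stands in for real encryption (in practice you would use AES-GCM or similar). The wordlist, password and cost parameter are constructed for the demonstration.

```python
import hashlib
import hmac
import os
import secrets
from typing import List, Optional, Tuple

# Hypothetical cost setting, kept low so the example runs quickly.
PBKDF2_ITERATIONS = 100_000


def slow_hash(password: bytes, salt: bytes) -> bytes:
    """Salted, deliberately slow hash (PBKDF2 stands in for a memory-hard KDF)."""
    return hashlib.pbkdf2_hmac("sha256", password, salt, PBKDF2_ITERATIONS)


def keyed_record(password: bytes, salt: bytes, pepper: bytes) -> bytes:
    """The stored verifier: HMAC over the slow hash, keyed with the secret pepper."""
    return hmac.new(pepper, slow_hash(password, salt), "sha256").digest()


def verify_keyed(password: bytes, salt: bytes, pepper: bytes, record: bytes) -> bool:
    return hmac.compare_digest(keyed_record(password, salt, pepper), record)


def crack_keyed(record: bytes, salt: bytes, pepper: bytes,
                candidates: List[bytes]) -> Tuple[Optional[bytes], int]:
    """Offline guessing with the database AND the pepper in hand.

    Every guess still costs one slow hash; returns (match or None, guesses made).
    """
    for i, guess in enumerate(candidates, start=1):
        if hmac.compare_digest(keyed_record(guess, salt, pepper), record):
            return guess, i
    return None, len(candidates)


# --- toy encryption: HMAC-SHA256 as a PRF in counter mode (stand-in for AES) ---

def toy_keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), "sha256").digest()
        counter += 1
    return out[:length]


def toy_encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(12)
    ks = toy_keystream(key, nonce, len(plaintext))
    return nonce + bytes(a ^ b for a, b in zip(plaintext, ks))


def toy_decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ct = blob[:12], blob[12:]
    ks = toy_keystream(key, nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, ks))


def demo() -> dict:
    password = b"correct horse battery staple"   # constructed sample
    salt = os.urandom(16)
    pepper = secrets.token_bytes(32)              # kept out of the password DB
    record = keyed_record(password, salt, pepper)

    # Constructed wordlist; the real password is the fourth entry.
    wordlist = [b"123456", b"password", b"letmein", password, b"qwerty"]

    # Attacker has the DB only: no pepper, so guesses cannot even be checked.
    no_pepper_hit, _ = crack_keyed(record, salt, secrets.token_bytes(32), wordlist)
    # Attacker has DB + pepper: still pays one slow hash per guess.
    hit, guesses = crack_keyed(record, salt, pepper, wordlist)

    # Encryption under a secret key: key compromise gives the plaintext directly.
    enc_key = secrets.token_bytes(32)
    blob = toy_encrypt(enc_key, password)

    return {
        "verifies": verify_keyed(password, salt, pepper, record),
        "rejects_wrong": not verify_keyed(b"password", salt, pepper, record),
        "cracked_without_pepper": no_pepper_hit,
        "cracked_with_pepper": hit,
        "slow_hashes_needed": guesses,
        "decrypted_with_key": toy_decrypt(enc_key, blob),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v!r}")
```

Without the pepper an attacker holding the database cannot test a single guess; with the pepper they are back to an ordinary salted slow-hash attack, paying the KDF cost per candidate. With encryption, the same key compromise yields every password in one decryption.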

