Key derivation algorithms sometimes work okay as hashes (for password storage), but almost by accident. You're trying to create output that has particular attributes, such as pseudo-random bits, long length, and bonus points if the length can be extended to go on forever. You do not care about any aspects of the output, other than that it can't be used to infer the input (and that it has a guaranteed reasonable maximum length).

For a key derivation function, it's ALL about the output. It's a one-way trap door: you can compute the hash from the plaintext password, but not the other way around. What you want for password storage is confidence that if the bad guy gets F(plaintext,salt) (the hash), they can't derive the plaintext. Both bcrypt and scrypt would PROBABLY work, especially bcrypt, but they're designed for a different use.
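The two uses side by side, as an added example that is not part of the original post: password storage keeps the salt and F(plaintext, salt) and only ever compares, while key derivation consumes the output bytes themselves and may ask for more of them. It uses Python's `hashlib.scrypt`; the cost parameters, record layout and function names are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

# scrypt cost parameters (assumed for this example; tune for your hardware).
N, R, P = 2**14, 8, 1


def _scrypt(password: str, salt: bytes, length: int) -> bytes:
    return hashlib.scrypt(password.encode(), salt=salt, n=N, r=R, p=P, dklen=length)


def store_password(password: str) -> dict:
    """Password storage: persist the salt and F(plaintext, salt).

    Only one-wayness matters here; the stored value is never used as a key.
    """
    salt = os.urandom(16)  # fresh random salt per password
    return {"salt": salt, "hash": _scrypt(password, salt, 32)}


def verify_password(password: str, record: dict) -> bool:
    """Recompute F(candidate, salt) and compare in constant time."""
    candidate = _scrypt(password, record["salt"], len(record["hash"]))
    return hmac.compare_digest(candidate, record["hash"])


def derive_keys(password: str, salt: bytes) -> tuple:
    """Key derivation: the output IS the product.

    Request 64 pseudo-random bytes and split them into two independent
    32-byte keys (for example one for encryption, one for a MAC).
    """
    okm = _scrypt(password, salt, 64)
    return okm[:32], okm[32:]


if __name__ == "__main__":
    rec = store_password("correct horse battery staple")  # constructed sample input
    print("verify ok:   ", verify_password("correct horse battery staple", rec))
    print("verify wrong:", verify_password("Tr0ub4dor&3", rec))
    enc_key, mac_key = derive_keys("correct horse battery staple", rec["salt"])
    print("enc key:", enc_key.hex())
    print("mac key:", mac_key.hex())
    # The longer output extends the shorter one: its first 32 bytes equal the
    # stored hash. Never reuse a password-storage salt for key derivation.
    print("prefix equals stored hash:", enc_key == rec["hash"])
```

The last line is the practical reason to keep the two uses apart: with the same password, salt and parameters, the derived key's prefix is exactly the value sitting in the password table.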