Re: MD5 for passwords
- From: "Joseph Ashwood" <ashwood@xxxxxxx>
- Date: Wed, 01 Nov 2006 21:58:11 GMT
"Ivan Voras" <ivoras@xxxxxxxxxx> wrote in message
news:eiapss$4ac$1@xxxxxxxxxxxxxxxxx
Hmm, wouldn't iterating any hash function 10000 times on a password just
lessen the (already weak) entropy present?
If that is considered a risk try
IV = salt
10000 times
IV = HMAC-MD5(password, IV) //(data, key)
store IV
It will still be insanely fast, but it is easy to prove that the final
iteration has access to all the entropy, so you'll get at most the entropy
loss of a single round. This should be good enough for most purposes, and
tightens up the security proofs a bit more.
The additional window of opportunity to connect and read out the password is
so small that I feel it can be ignored, there are easier, more dependable
opportunities other places.
Joe
.
- References:
- Re: MD5 for passwords
- From: Unruh
- Re: MD5 for passwords
- From: Ivan Voras
- Re: MD5 for passwords
- From: David Wagner
- Re: MD5 for passwords
- From: Ivan Voras
- Re: MD5 for passwords
- Prev by Date: Re: How hard is it to break a ECDSA 49-bit prime field digital signature?
- Next by Date: Combined Signature and Encryption Schemes.
- Previous by thread: Re: MD5 for passwords
- Next by thread: Re: MD5 for passwords
- Index(es):
Relevant Pages
|
