Re: Newbie question: best algorithm for keyword-based password generation
- From: Tom St Denis <tom@xxxxxxx>
- Date: Thu, 13 Aug 2009 15:19:14 -0700 (PDT)
On Aug 13, 5:51 pm, Carsten Krueger <cakru...@xxxxxxxxx> wrote:
On Tue, 11 Aug 2009 16:58:33 -0700 (PDT), berzerk3K wrote:
[master_key] - input: any unicode phrase
[keyword] - input: any unicode phrase
[password] - output: generated password, 10 characters: a-z, A-Z, 0-9
1. [password] must always be the same for specific combination of
[master_key] and [keyword]
2. [password] is a mixture of letters and numbers, for example:
zp9BLtFWNh
3. if someone discovers [password] and [keyword], it must be
incredibly hard to discover [master_key]
Would you be so kind and tell me which algorithm(s) is the best for
this case?
const iteration_count = 1000.000
var hashed=masterkey
for i=1 to iteration_count do
  hashed=secure_hash_function(keyword||hashed);
password=map_hash_to_alphabet(hashed);
iteration_count should be so big that your pc needs one second to compute
the hash. secure_hash_function could be for example SHA512.
Why not just use a standard like PKCS #5 to achieve this?
And why must someone use SHA-512? What properties of SHA-512 are not
found in [say] SHA-256 or SHA-1 that would render it less secure?
Tom
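
The PKCS #5 route suggested above, as an added example that is not part of the original thread: PBKDF2 takes [master_key] as the password and [keyword] as the salt, and the derived key is mapped to the 10-character a-z, A-Z, 0-9 output. The choice of HMAC-SHA256, the iteration count, NFC normalisation, the base-62 mapping and all function names are assumptions made for this sketch.

```python
import hashlib
import string
import unicodedata

# Output alphabet from the original question: a-z, A-Z, 0-9 (62 symbols).
ALPHABET = string.ascii_lowercase + string.ascii_uppercase + string.digits
PASSWORD_LEN = 10
# Assumption: tune this until one derivation takes about a second on your machine.
ITERATIONS = 1_000_000


def to_bytes(phrase: str) -> bytes:
    """NFC-normalise so the same Unicode phrase always yields the same bytes."""
    return unicodedata.normalize("NFC", phrase).encode("utf-8")


def map_to_alphabet(digest: bytes, length: int = PASSWORD_LEN) -> str:
    """Read the digest as one big integer and emit base-62 digits.

    A 256-bit value reduced modulo 62**10 (about 2**60) has negligible bias,
    unlike taking each byte modulo 62.
    """
    n = int.from_bytes(digest, "big")
    chars = []
    for _ in range(length):
        n, r = divmod(n, len(ALPHABET))
        chars.append(ALPHABET[r])
    return "".join(chars)


def derive_password(master_key: str, keyword: str, iterations: int = ITERATIONS) -> str:
    """PBKDF2-HMAC-SHA256 with master_key as the password and keyword as the salt."""
    if not master_key or not keyword:
        raise ValueError("master_key and keyword must be non-empty")
    dk = hashlib.pbkdf2_hmac("sha256", to_bytes(master_key), to_bytes(keyword),
                             iterations, dklen=32)
    return map_to_alphabet(dk)


if __name__ == "__main__":
    # Constructed sample inputs, not taken from the thread.
    print(derive_password("correct horse battery staple", "example.org"))
```

Because PBKDF2 takes the password and salt as separate inputs, there is no concatenation ambiguity between [keyword] and [master_key], and truncating 256 bits to 10 characters leaves an attacker who holds [password] and [keyword] with nothing better than guessing [master_key] at the full iteration cost per guess.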