Securing Password Storage
Rainbow table
Precomputed table
reversing cryptographic hash functions
cracking password hashes
used in recovering passwords
MD5
message digest algorithm
hash function
128-bit hash value
suffer extensive vulnerabilities
checksum
verify data integrity
PBKDF1 and 2
perform thousands of rounds
simple hashes
build up returned hash
password-based key derivation
key derivation functions
sliding computational
reduce vulnerabilities
part of RSA Laboratories' Public-Key Cryptography Standards
purpose
applies pseudorandom function
hash-based message authentication code (HMAC)
to input password / passphrase
produce derived key
used as cryptographic key
with salting
adding random value
beginning / end of password
make rainbow table useless
key stretching
Use BCrypt
SCrypt less battle-tested
uses lots of RAM, making it hard to parallelize
not BCrypt
SHA256 in PBKDF2
per-user salt values
randomly generated
1000 rounds