On Sunday, April 30, 2017 at 4:20:27 AM UTC-4, olafv...@gmail.com wrote: > > What's the recommended way to hash passwords? I can't find any guides / > tutorials on this. > > I'm looking for a function like std::string hash_password(std::string > password); but I think crypto++ doesn't provide an interface like that. >
It kind of depends on what you want to do. There are several standards for hashing passwords available: HKDF <https://www.cryptopp.com/docs/ref/class_h_k_d_f.html>, PBKDF (PKCS #12) <https://www.cryptopp.com/docs/ref/class_p_k_c_s12___p_b_k_d_f.html>, PBKDF-1 (PKCS #5) <https://www.cryptopp.com/docs/ref/class_p_k_c_s5___p_b_k_d_f1.html>, PBKDF-2/HMAC (PKCS #5) <https://www.cryptopp.com/docs/ref/class_p_k_c_s5___p_b_k_d_f2___h_m_a_c.html> . Crypto++ lacks the Password Hashing finalists at the moment, but its on the roadmap. If all you want to do is hash a password, then use HKDF. It follows the modern Extract-then-Expand design of Krawczk and Eronen. Jeff -- -- You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to cryptopp-users-unsubscr...@googlegroups.com. More information about Crypto++ and this group is available at http://www.cryptopp.com. --- You received this message because you are subscribed to the Google Groups "Crypto++ Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to cryptopp-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
