On Tue, 29 Nov 2005, Jack Lloyd wrote: > The basic scenario I'm looking at is encrypting some data using a > password-derived key (using PBKDF2 with sane salt sizes and > iteration counts). [...] My inclination is to use the PBKDF2 output > as a key encryption key, rather than using it to directly key the > cipher (with the key used for the cipher itself being created by a > good PRNG).
IMO this is too much complicated: just generate random salt with your PRNG and use PBKDF2(password, salt) as a session key. Since PBKDF2 is a (xor of) PRF outputs it is (pseudo-)random. -- Regards, ASK --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
