Martin James Cochran <[EMAIL PROTECTED]> writes: >This might work, although 90% of the steps seem to unnecessarily (and >perilously) complicate the algorithm. What's wrong with starting with input >SALT || PASSWORD and iterating N times, where N is chosen (but variable) to >make brute-force attacks take longer?
Or just use PBKDF2, RFC 2898. It does what's required, has been vetted by cryptographers, is an IETF standard, has free implementations available, ... Peter. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
