On 10/11/13 7:34 PM, Peter Gutmann wrote:
Phillip Hallam-Baker <hal...@gmail.com> writes:
Quick question, anyone got a good scheme for key stretching?
Yeah, that's a weaker simplification of the method I've always
advocated, stopping the hash function before the final
MD-strengthing and repeating the input, only doing the
MD-strengthening for the last step for each key. I used this in
many of my specifications.
In essence, the MD-strengthening counter is the same as the 0xnn
counter they used, although longer and stronger.
This assures there are no releated key attacks, as the internal
chaining variables aren't exposed.
The cryptography mailing list