So PBKDF2 is pretty cool in many ways, but it has been a while since I looked at it.
One thing about it that kinda bothers me is that, when examining it, I couldn't immediately see a way for a system to increment the iteration count without having the user re-enter a password, since U_x seems to depend on P.

So, let's say you have a web site with, say, 250M users. Over time, compute power increases, and you want to increase the iteration count of all the hashes in the database, but getting them all to enter their password again is untenable; there will always be people who logged in once and never again.

Is there something similar to PBKDF2 that has this property? Could there be, or is this a fundamental limitation of the constraints we want regarding security against offline attacks?

-- 
I find your ideas intriguing and would like to subscribe to your newsletter.
My emails do not have attachments; it's a digital signature that your mail program doesn't understand. | http://www.subspacefield.org/~travis/
If you are a spammer, please email [email protected] to get blacklisted.
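An added example (not part of the post above) that makes the dependency concrete: a from-scratch PBKDF2-HMAC-SHA256 block per RFC 8018, checked against Python's hashlib, shows that every U_j is an HMAC keyed with P, so the iteration chain cannot be extended from the stored hash alone. It also demonstrates the usual defender's workaround, which the post does not mention: wrap the already-stored hash in a second PBKDF2 layer (constructed names `wrap_stored_hash` / `verify_wrapped`), which raises the offline-attack cost without the user re-entering anything.

```python
import hashlib
import hmac
import struct


def pbkdf2_block(password: bytes, salt: bytes, iterations: int, index: int = 1) -> bytes:
    """One output block T_i of PBKDF2-HMAC-SHA256 (RFC 8018, section 5.2):
    U_1 = PRF(P, S || INT(i)), U_j = PRF(P, U_{j-1}), T_i = U_1 xor ... xor U_c.
    Every U_j is keyed with P, so continuing the chain needs the password."""
    def prf(data: bytes) -> bytes:
        return hmac.new(password, data, hashlib.sha256).digest()

    u = prf(salt + struct.pack(">I", index))  # U_1 is the only step that sees the salt
    t = bytearray(u)
    for _ in range(iterations - 1):
        u = prf(u)                            # U_j = HMAC(P, U_{j-1}); P is required here
        t = bytearray(a ^ b for a, b in zip(t, u))
    return bytes(t)


def matches_stdlib(password: bytes, salt: bytes, iterations: int) -> bool:
    """Cross-check the hand-written block against hashlib's PBKDF2 (32-byte output)."""
    reference = hashlib.pbkdf2_hmac("sha256", password, salt, iterations, dklen=32)
    return hmac.compare_digest(pbkdf2_block(password, salt, iterations), reference)


def wrap_stored_hash(stored: bytes, wrap_salt: bytes, extra_iterations: int) -> bytes:
    """Constructed workaround: treat the stored PBKDF2 output as the 'password' of a
    second PBKDF2 layer. A migration job can do this for every row without P, and
    an attacker must now pay for both layers per guess."""
    return hashlib.pbkdf2_hmac("sha256", stored, wrap_salt, extra_iterations, dklen=32)


def verify_wrapped(password: bytes, salt: bytes, iterations: int,
                   wrap_salt: bytes, extra_iterations: int, expected: bytes) -> bool:
    """At login, recompute both layers from the user's password and compare."""
    inner = hashlib.pbkdf2_hmac("sha256", password, salt, iterations, dklen=32)
    return hmac.compare_digest(wrap_stored_hash(inner, wrap_salt, extra_iterations), expected)


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    pw, salt = b"correct horse", b"per-user-salt"
    stored = pbkdf2_block(pw, salt, 1000)
    migrated = wrap_stored_hash(stored, b"migration-salt-2024", 2000)  # no password needed
    print("stdlib agrees:", matches_stdlib(pw, salt, 1000))
    print("login still works:", verify_wrapped(pw, salt, 1000, b"migration-salt-2024", 2000, migrated))
```

At the next successful login the server can replace the wrapped value with a single-layer hash at the new iteration count, so the extra layer is only a bridge for accounts that never return.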
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
