On Aug 15, 2012, at 4:50 PM, [email protected] wrote:

> * PGP Signed by an unknown key
>
> Any reason PBKDF2 shouldn't be used for (storing) hashed passwords?
>

My recommendation is that you should use it. It's even got a NIST document, now:

http://csrc.nist.gov/publications/nistpubs/800-132/nist-sp800-132.pdf

To be the most rigorous, use PBKDF2-HMAC-SHA[12]. It doesn't matter a lot which hash function you're using if you're doing the HMAC version. The major difference will be the number of iterations. SHA2 is slower than SHA1, so you'll use fewer iterations. SHA512 is faster on a 64-bit processor than SHA256, which puts a small wrench in things.

Use lots of iterations. Calibrate them against real time -- enough for 100ms or more, for example, rather than a fixed count. If you're worried, then add more iterations.

	Jon

_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
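The advice in the reply above (PBKDF2-HMAC with a salt, an iteration count calibrated against wall-clock time rather than a fixed number, and the ability to add iterations later) as an added Python example. This is not code from the post or from the list; it uses the standard library's hashlib.pbkdf2_hmac. The self-describing record layout "$pbkdf2-<hash>$<iterations>$<salt>$<key>" and the helper names are assumptions made here for illustration, not a format the post prescribes.

```python
import base64
import hashlib
import hmac
import os
import time

# Added example, not code from the mailing-list post. The record format
# "$pbkdf2-<hash>$<iterations>$<salt_b64>$<dk_b64>" is an assumption made
# here so that stored hashes carry their own parameters.

SALT_LEN = 16  # bytes of random salt per password


def _dklen(hash_name):
    # Derived-key length: the HMAC hash's own output size (32 for SHA-256,
    # 64 for SHA-512). Asking for more only makes PBKDF2 run extra blocks.
    return hashlib.new(hash_name).digest_size


def calibrate_iterations(target_seconds=0.1, hash_name="sha256", probe_iters=10000):
    """Pick an iteration count so one PBKDF2 run takes >= target_seconds on
    this machine: the post's advice to calibrate against real time rather
    than hard-coding a count."""
    salt = os.urandom(SALT_LEN)
    dklen = _dklen(hash_name)
    t0 = time.perf_counter()
    hashlib.pbkdf2_hmac(hash_name, b"calibration", salt, probe_iters, dklen)
    per_iter = max((time.perf_counter() - t0) / probe_iters, 1e-9)
    iters = max(int(target_seconds / per_iter), 1)
    # Linear extrapolation is approximate, so measure again and raise the
    # count until the real cost meets the target.
    while True:
        t0 = time.perf_counter()
        hashlib.pbkdf2_hmac(hash_name, b"calibration", salt, iters, dklen)
        if time.perf_counter() - t0 >= target_seconds:
            return iters
        iters = int(iters * 1.25) + 1


def hash_password(password, iterations, hash_name="sha256"):
    """Return a record carrying hash name, iteration count, salt and derived
    key, so the parameters can be raised later without a flag day."""
    salt = os.urandom(SALT_LEN)
    dk = hashlib.pbkdf2_hmac(hash_name, password.encode("utf-8"), salt,
                             iterations, _dklen(hash_name))
    return "$pbkdf2-%s$%d$%s$%s" % (
        hash_name, iterations,
        base64.b64encode(salt).decode("ascii"),
        base64.b64encode(dk).decode("ascii"))


def parse_record(record):
    """Split a record into (hash_name, iterations, salt, dk); None if malformed."""
    parts = record.split("$")
    if len(parts) != 5 or parts[0] != "" or not parts[1].startswith("pbkdf2-"):
        return None
    try:
        hash_name = parts[1][len("pbkdf2-"):]
        iterations = int(parts[2])
        salt = base64.b64decode(parts[3], validate=True)
        dk = base64.b64decode(parts[4], validate=True)
        hashlib.new(hash_name)  # rejects unknown hash names early
    except (ValueError, TypeError):
        return None
    if iterations < 1 or not salt or not dk:
        return None
    return hash_name, iterations, salt, dk


def verify_password(password, record):
    """Recompute PBKDF2 with the stored parameters and compare in constant time."""
    parsed = parse_record(record)
    if parsed is None:
        return False
    hash_name, iterations, salt, expected = parsed
    candidate = hashlib.pbkdf2_hmac(hash_name, password.encode("utf-8"), salt,
                                    iterations, len(expected))
    # compare_digest avoids leaking the derived key byte by byte through timing.
    return hmac.compare_digest(candidate, expected)


def needs_rehash(record, current_iterations, hash_name="sha256"):
    """True when a stored record uses fewer iterations (or another hash) than
    current policy: re-hash at the next successful login to add iterations."""
    parsed = parse_record(record)
    if parsed is None:
        return True
    stored_hash, stored_iters, _, _ = parsed
    return stored_hash != hash_name or stored_iters < current_iterations


if __name__ == "__main__":
    n = calibrate_iterations(0.1)
    rec = hash_password("correct horse battery staple", n)
    print(n, rec, verify_password("correct horse battery staple", rec))
```

Because the record stores its own iteration count, raising the policy later is a matter of checking needs_rehash() after a successful verify_password() and writing a fresh record with the new count; old records keep verifying until then. Calibrate on the slowest production host that will run the check, not a developer laptop, since the count is a property of the deployment rather than of the algorithm.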
