On Tue, 29 Nov 2005, Jack Lloyd wrote:
The basic scenario I'm looking at is encrypting some data using a
password-derived key (using PBKDF2 with sane salt sizes and
iteration counts). [...] My inclination is to use the PBKDF2 output
as a key encryption key, rather than using it to directly
From: Jack Lloyd [EMAIL PROTECTED]
Sent: Nov 29, 2005 11:08 AM
To: cryptography@metzdowd.com
Subject: Encryption using password-derived keys
The basic scenario I'm looking at is encrypting some data using a
password-derived key (using PBKDF2 with sane salt sizes and iteration
counts). I am not
It can be useful to derive a key encryption key from the password, and not
use the key derived from the password to directly encrypt data you want to
protect, when the resulting ciphertext can be found in different places
where your encrypted key won't necessarly also be found. For example, to
