adam's notes

Salting and Key Stretching

  • values used for private key must be selected at random
  • low entropy is a concern when a cryptographic system uses user-generated data
    • e.g., password
    • users tend to select low entropy passwords
  • salting and key stretching help protect password-derived cryptographic secrets

Salting

  • Cryptographic hash functions are often used for password storage and transmission
    • hashes are one way
      • cannot be decrypted back to the plaintext password
    • but are vulnerable to brute-force and dictionary attacks
  • can slow down these attacks by adding a salt value to the hash

A salt is a security countermeasure that mitigates the impact of precomputed hash table attacks by adding a pseudorandom value to (“salting”) each plaintext input.

  • computed as:
  • unique, random salt value should be generated for each user account
    • mitigates the risk that
      • if users choose identical plaintext passwords,
      • there would be identical hash values in the password file
  • salt is not kept secret
    • any system verifying the hash must know the value of the salt
    • simply means an attacker cannot use precomputed hash tables
    • hash values must be recompiled with specific salt for each password

Key Stretching

Key stretching is a technique that strengthens potentially weak input for cryptographic key generation, such as passwords or passphrases created by people, against brute force attacks.

  • process
    • takes a key that’s generated from a user password
    • plus a random salt value
    • and repeatedly converts it to a longer and more disordered key
  • initial key may be put through thousand rounds of hashing
    • may not be difficult for the attacker to replicate
    • doesn’t make the key stronger
    • it does slow the attack down
      • attacker has to do extra processing for each possible key value
  • can be performed by using a particular software library to hash and save passwords when they are created
    • Password-Based Key Derivation Function 2 (PBKDF2) is very widely used for this purpose
      • part of Wi-Fi Protected Access (WPA)

Graph View

Backlinks