[cryptography] hashed passwords, iteration counts, and PBKDF2

travis+ml-rbcryptography at subspacefield.org travis+ml-rbcryptography at subspacefield.org
Wed Oct 31 16:58:00 EDT 2012


Thinking out loud;

One reason why PBKDF2 requires the original password is so that you don't repeatedly
hash the same thing, and end up a "short cycle", where e.g. hash(x) = x.  At that
point, repeated iterations don't do anything.

I just realized, you don't necessarily need to put the original password in; you
could just hash something else that varies to keep it out of a short cycle; for
example, the round number.

This would allow you to update an iteration count post-facto without knowing the
original password.  Would it break any security goals?
-- 
http://www.subspacefield.org/~travis/
"We are all puppets; I am just a puppet who can see the strings." -- Dr. Manhattan


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 834 bytes
Desc: not available
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20121031/8837754e/attachment.asc>


More information about the cryptography mailing list