[cryptography] good key stretching practice?

Jeffrey Goldberg Jeffrey at goldmark.org
Sat Dec 28 18:02:23 EST 2013

On Dec 28, 2013, at 2:01 PM, Kevin <kevinsisco61784 at gmail.com> wrote:

> Hello list.  What is the best key stretching method that can be used?

Best for what?

If you are trying to stretch from a password to a key and wish to add some resistance to password cracking then currently your “mainstream” choices are scrypt, PBKDF2, and bcrypt. None of those are perfect, but each will do. PBKDF2 is the best established, but it is also the most quirky. If you want to play at the bleeding edge of this, you can look what has been proposed as part of the Password Hashing Competition. 


If you don’t need a “slow” hash, then perhaps something like HKDF is right for your particular needs.


But without having a better sense of what you are trying to achieve, nobody can be confident that they are recommending the right thing to you.



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 203 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20131228/64430d04/attachment.asc>

More information about the cryptography mailing list