[cryptography] authentication protocol proposal
pinterkr at gmail.com
Wed Jul 17 17:54:08 EDT 2013
admittedly, i got a little bit hyped about Keccak, especially its versatility.
so i thought why not devise an authenitcation / key stretching / key
derivation / secure storage protocol that uses solely Keccak to achieve all of
i put together a brief (5 page) document describing the protocol itself:
* all operations can be identified with single (multiphase) Keccak operation
* any amount of data can be derived, and it is not costly (unlike PBKDF2)
* through a session key, data can be derived at a later time
* uses only one crypto primitive
* extremely simple
* grants access to many kinds of primitives (prng, stream cipher, MAC) with
the notable exception of a block cipher.
* up to 127 character passwords with 128 bit salt
* designed to be compatible with 3rd party Keccak libraries, though not with
SHA-3 only libraries
so if you got hyped about Keccak too, you might want to have a looksie.
any feedback is appreciated.
ps: references to Kerckhoff are not necessary. i know the drill. it is
More information about the cryptography