[cryptography] embbeded pw kdf?

Stephan Mueller smueller at chronox.de
Fri Aug 5 07:07:39 EDT 2016

Am Freitag, 5. August 2016, 12:07:50 CEST schrieb stef:

Hi stef,

> dear list,
> with the spectre of IoT looming over us - making us all warm and fuzzy about
> our memories of security in the 80ies - i was wondering, if you have an
> 32bit (not considering 8bit systems for their very limited support for
> crypto) embedded device with heavily constrained processing power and
> memory (<0.5MB) but still enough to perform all basic crypto algos, how
> would it be the best do derive a key from user input (assuming we have a
> keypad e.g.) argon2 seems to be optimized for PCs. is the best one can do
> in such situations a naive:
> H0 = password
> H_n = hash(H_n-1, device unique salt), 1<=n<max_iterations

Do not invent the wheel again yourself, use SP800-132 which kind of does what 
you propose here, but in a slightly different fashion. In addition, it is more 
reviewed and even widely used (e.g dm-crypt).


More information about the cryptography mailing list