[132015] in cryptography@c2.net mail archive
Re: Generating AES key by hashing login password?
daemon@ATHENA.MIT.EDU (Jon Callas)
Sat Aug 30 10:35:07 2008
Cc: <cryptography@metzdowd.com>
From: Jon Callas <jon@callas.org>
To: Muffys Wump <muffysw@hotmail.com>
In-Reply-To: <BAY142-W252A5C17B92D2A146781C5AA630@phx.gbl>
Date: Fri, 29 Aug 2008 18:13:23 -0700
>
> We were wondering if it was possible to use a hash function instead.
> Using the password he provided at the login screen and hash it n
> times.
>
> Master Password: hash(hash(login_password))
>
> Would this be a good idea if we've used this generated hash as a key
> for AES?
> Would the hashing be secure enough against different kinds of attacks?
The short answer is yes. A better answer is that you want to salt the
password before you hash it many times, to keep from having rainbow
tables created. Another better answer is that you want to hash many
times to slow down password crackers.
As others have mentioned, there are standards that can show you the
way. PKCS#5 has a mechanism for this. OpenPGP does, too. They're
subtly different, and understanding the differences can help you roll
your own.
Jon
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
