Jump to content

Password-based cryptography

Add links
From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by SmackBot (talk | contribs) at 01:35, 17 October 2008 (Tagging and general fixes, added orphan tag). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Password-based cryptography generally refers to two distinct classes of methods:

  • Single-party methods
  • Multi-party methods

Single party methods

Some systems attempt to derive a cryptographic key directly from a password. However, such practice is generally ill-advised when there is a threat of brute-force attack. Techniques to mitigate such attack include passphrases and iterated (deliberately-slow) password-based key derivation functions such as PBKDF2 (RFC 2898).

Multi-party methods

Password-authenticated key agreement systems allow two or more parties that agree on a password (or password-related data) to derive shared keys without exposing the password or keys to network attack. Earlier generations of challenge-response authentication systems have also been used with passwords, but these have generally been subject to eavesdropping and/or brute-force attacks on the password.

See also

Retrieved from "https://en.wikipedia.org/w/index.php?title=Password-based_cryptography&oldid=245800938"