Password-based cryptography

Password-based cryptography is the study of password-based key encryption, decryption, and authorization. It generally refers two distinct classes of methods:

  • Single-party methods
  • Multi-party methods

Single party methods

Some systems attempt to derive a cryptographic key directly from a password. However, such practice is generally ill-advised when there is a threat of brute-force attack. Techniques to mitigate such attack include passphrases and iterated (deliberately slow) password-based key derivation functions such as PBKDF2 (RFC 2898).

Multi-party methods

Password-authenticated key agreement systems allow two or more parties that agree on a password (or password-related data) to derive shared keys without exposing the password or keys to network attack.[1] Earlier generations of challenge–response authentication systems have also been used with passwords, but these have generally been subject to eavesdropping and/or brute-force attacks on the password.

See also

References

  1. ^ Halevi, Shai; Krawczyk, Hugo (August 1999). "Public-key cryptography and password protocols". ACM Trans. Inf. Syst. Secur. 2 (3). Association for Computing Machinery: 230–268. doi:10.1145/322510.322514. ISSN 1094-9224 – via ACM Digital Library.

Further reading


Stub icon

This cryptography-related article is a stub. You can help Wikipedia by adding missing information.

Content Disclaimer

Informasi ini disarikan dari Wikipedia dan disajikan kembali untuk tujuan edukasi. Konten tersedia di bawah lisensi CC BY-SA 3.0. Kami tidak bertanggung jawab atas ketidakakuratan data yang bersumber dari kontribusi publik tersebut.

  1. The information displayed on this website is sourced in part or in whole from Wikipedia and has been adapted for the purpose of restating it. We strive to provide accurate and relevant information, however:
  2. There is no guarantee of absolute accuracy. Wikipedia is an open, collaborative project that can be edited by anyone, so information is subject to change.
  3. It is not intended to constitute professional advice. The content displayed is for informational and educational purposes only. For important decisions (e.g., medical, legal, or financial), please consult a professional.
  4. Content copyright. Wikipedia is licensed under the Creative Commons Attribution-ShareAlike License (CC BY-SA). This means that content may be reused with appropriate attribution and shared under a similar license.
  5. Responsible use. Any risk arising from the use of information from this website is entirely the responsibility of the user.