Password-based cryptography
 |
This article does not cite any references or sources. Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed. (December 2009) |
 |
This article is an orphan, as few or no other articles link to it. Please introduce links to this page from related articles; suggestions may be available. (October 2008) |
Password-based cryptography generally refers to two distinct classes of methods:
- Single-party methods
- Multi-party methods
[edit] Single party methods
Some systems attempt to derive a cryptographic key directly from a password. However, such practice is generally ill-advised when there is a threat of brute-force attack. Techniques to mitigate such attack include passphrases and iterated (deliberately-slow) password-based key derivation functions such as PBKDF2 (RFC 2898).
[edit] Multi-party methods
Password-authenticated key agreement systems allow two or more parties that agree on a password (or password-related data) to derive shared keys without exposing the password or keys to network attack. Earlier generations of challenge-response authentication systems have also been used with passwords, but these have generally been subject to eavesdropping and/or brute-force attacks on the password.
