Content deleted Content added
No edit summary Tags: Reverted references removed Mobile edit Mobile web edit |
m Reverted edit by 49.14.96.70 (talk) to last version by Pgallert |
||
Line 37:
== Password hashing ==
Despite their original use for key derivation, KDFs are possibly better known for their use in '''password hashing''' ([[cryptographic hash function#Password verification|password verification by hash comparison]]), as used by the [[passwd]] file or [[shadow password]] file. Password hash functions should be relatively expensive to calculate in case of
In 2013 a [[Password Hashing Competition]] was announced to choose a new, standard algorithm for password hashing. On 20 July 2015 the
As of May 2023, the [[OWASP|Open Worldwide Application Security Project]] (OWASP) recommends the following KDFs for password hashing, listed in order of priority:<ref name="owasp">{{cite web|url=https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html | title=Password Storage Cheat Sheet | work=OWASP Cheat Sheet Series |publisher=[[OWASP]] |accessdate=2023-05-17}}</ref>
# [[Argon2|Argon2id]]
Line 63 ⟶ 65:
{{DEFAULTSORT:Key Derivation Function}}
[[Category:Key management]]
[[Category:Key derivation functions|*]]
|