Using Spritz as a Password-Based Key Derivation Function
-
1
Universitat d'Alacant
info
- Manuel Graña (coord.)
- José Manuel López-Guede (coord.)
- Oier Etxaniz (coord.)
- Álvaro Herrero (coord.)
- Héctor Quintián (coord.)
- Emilio Corchado (coord.)
Editorial: Springer Suiza
ISBN: 978-3-319-47364-2, 3-319-47364-6, 978-3-319-47363-5, 3-319-47363-8
Año de publicación: 2017
Páginas: 518-525
Congreso: International Conference on Computational Intelligence in Security for Information Systems (9. 2016. San Sebastián)
Tipo: Aportación congreso
Resumen
Even if combined with other techniques, passwords are still the main way of authentication in many services and systems. Attackers can usually test many passwords very quickly when using standard hash functions, so specific password hashing algorithms have been designed to slow down brute force attacks.Spritz is a sponge-based stream cipher intended to be a drop-in replacement for RC4. It is more secure, more complex and more versatile than RC4. Since it is based on a sponge function, it can be employed for other applications like password hashing.In this paper we build upon Spritz to construct a password hashing algorithm and study its performance and suitability.