Using Spritz as a Password-Based Key Derivation Function
-
1
Universitat d'Alacant
info
- Manuel Graña (coord.)
- José Manuel López-Guede (coord.)
- Oier Etxaniz (coord.)
- Álvaro Herrero (coord.)
- Héctor Quintián (coord.)
- Emilio Corchado (coord.)
Publisher: Springer Suiza
ISBN: 978-3-319-47364-2, 3-319-47364-6, 978-3-319-47363-5, 3-319-47363-8
Year of publication: 2017
Pages: 518-525
Congress: International Conference on Computational Intelligence in Security for Information Systems (9. 2016. San Sebastián)
Type: Conference paper
Abstract
Even if combined with other techniques, passwords are still the main way of authentication in many services and systems. Attackers can usually test many passwords very quickly when using standard hash functions, so specific password hashing algorithms have been designed to slow down brute force attacks.Spritz is a sponge-based stream cipher intended to be a drop-in replacement for RC4. It is more secure, more complex and more versatile than RC4. Since it is based on a sponge function, it can be employed for other applications like password hashing.In this paper we build upon Spritz to construct a password hashing algorithm and study its performance and suitability.