The number of rounds in an iterated cipher is wildly different --- in fact, clos... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

tptacek on Dec 31, 2019 | parent | context | favorite | on: Too Much Crypto [pdf]

The number of rounds in an iterated cipher is wildly different --- in fact, close to the opposite --- of the number of iterations in a password KDF. But: don't use PBKDF2 at all, if this is something you're trying to optimize; scrypt and Argon2 are memory-hard in addition to time-hard.

ww520 on Dec 31, 2019 [–]

Good to know. Yes, PBKDF2 is kind of outdated. It's just that ripping it out and replacing with new key derivation algorithms takes time, especially needing inter-operated with other tools, while the iteration count is a simple configuration to bump up on existing implementation.

Join us for AI Startup School this June 16-17 in San Francisco!
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact