THE IMPORTANCE OF HASHING PASSWORDS, PART 4: THE HARDWARE THREAT

The third part of this series presented PBKDF2 as a modern key derivation and password hashing algorithm. But PBKDF2 has its limitations; for best protection against password cracking the iteration count (defining the computing power needed to hash a password) should be chosen as high as possible. On the other hand, a higher iteration count also means that a login of a […]

THE IMPORTANCE OF HASHING PASSWORDS, PART 3: RAISE THE PRICE

The last part of this series presented a fairly serious password hashing algorithm using an HMAC and a salt value. However, as this article will show, this construction can be much improved, dramatically raising the “price” for an attacker to crack a password hash. How to Attack a Password Database: To improve our salted HMAC construction, we need to know how an adversary […]

SECRET SHARING STEP BY STEP

In this blog article I will show the different types of secret sharing methods, especially the commonly used Shamir's secret sharing method. Thereafter I will explain the mathematical background of this procedure. What is Secret Sharing about? Let’s start with the following situation. A large inheritance is to be distributed among 6 heirs. The inheritance is […]

GIT AND GITHUB (FOR A SCALA HACK SESSION) – SETUP

A great colleague of mine, François Scheurer, has an enormous number of notes about everything he has been working on and researching: Linux, Scala, mathematical algorithms, NoSQL, Clustering, Security etc. Recently he and I attended two online courses about Scala’s functional and reactive programming. While attending both courses he and I discussed, researched, and created […]