|
|
|
|
|
|
by sparky
5667 days ago
|
|
|
bcrypt or scrypt (http://www.tarsnap.com/scrypt.html).
bcrypt lets you more or less arbitrarily set the computational complexity (in terms of instructions) of key generation. scrypt is newer (2009), but has the attractive property that it lets you arbitrarily set the memory complexity instead (how much memory it takes). This is attractive because key generation with a large memory requirement is more expensive to massively parallelize with an ASIC/FPGA farm. If you have a seriously good reason for not using either of these, which you probably don't, "stretched" (iterated thousands of times) and salted SHA-2 or MD5, or PBKDF2 ( http://en.wikipedia.org/wiki/PBKDF2 ) can be acceptable alternatives. |
|
|