by gst
5636 days ago
I just want to add that nowadays "scrypt" (see http://www.tarsnap.com/scrypt.html) might be a better solution than bcrypt (suggested in the link). ("might" because scrypt is relatively new and therefore missing the numerous peer reviews bcrypt has seen).
Personally, I think any serious KDF is better than just using SHA1 (or SHA256, and note that the difference between SHA1 and SHA256 is not super relevant to SRP), so as long as you're doing something --- PBKDF1, PBKDF2, bcrypt, scrypt, hand-hacked 1000-iterations-of-SHA1 --- I'm happy.
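
Added example, not part of either comment above: the SRP private value x derived the plain-SHA1 way (as RFC 5054 defines it) next to the same inputs stretched with PBKDF2 and scrypt, with the per-guess cost someone holding a stolen verifier would pay. The user, password and salt are the public RFC 5054 Appendix B test inputs; the function names, iteration count and scrypt parameters are assumptions chosen for illustration.

```python
import hashlib
import time

# RFC 5054 Appendix B test inputs (public test vector, not from the thread).
USER, PASSWORD = b"alice", b"password123"
SALT = bytes.fromhex("BEB25379D1A8581EB5A727673A2441EE")


def x_plain_sha1(user, password, salt):
    """SRP-6a private value per RFC 5054: x = SHA1(s | SHA1(I ":" P))."""
    inner = hashlib.sha1(user + b":" + password).digest()
    return int.from_bytes(hashlib.sha1(salt + inner).digest(), "big")


def x_pbkdf2(user, password, salt, iterations=100_000):
    """Same inputs stretched with PBKDF2-HMAC-SHA256 (iteration count assumed)."""
    dk = hashlib.pbkdf2_hmac("sha256", user + b":" + password, salt,
                             iterations, dklen=32)
    return int.from_bytes(dk, "big")


def x_scrypt(user, password, salt, n=2**14, r=8, p=1):
    """Same inputs stretched with scrypt, which is also memory-hard (parameters assumed)."""
    dk = hashlib.scrypt(user + b":" + password, salt=salt, n=n, r=r, p=p,
                        maxmem=64 * 1024 * 1024, dklen=32)
    return int.from_bytes(dk, "big")


def seconds_per_guess(derive, guesses=3):
    """Average cost of one derivation, i.e. one offline password guess.

    The server stores v = g^x mod N; testing a guess against a leaked v means
    recomputing x, so the cost of x is the cost the KDF adds per guess.
    """
    start = time.perf_counter()
    for i in range(guesses):
        derive(USER, b"guess-%d" % i, SALT)
    return (time.perf_counter() - start) / guesses


if __name__ == "__main__":
    for name, fn in [("plain SHA1", x_plain_sha1),
                     ("PBKDF2", x_pbkdf2),
                     ("scrypt", x_scrypt)]:
        print(f"{name:>10}: {seconds_per_guess(fn) * 1e3:9.4f} ms per guess")
```

The client and server must agree on the KDF and its parameters, since both sides have to arrive at the same x.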