Powered by OpenAIRE graph
Found an issue? Give us feedback
image/svg+xml art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos Open Access logo, converted into svg, designed by PLoS. This version with transparent background. http://commons.wikimedia.org/wiki/File:Open_Access_logo_PLoS_white.svg art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos http://www.plos.org/ Cryptographyarrow_drop_down
image/svg+xml art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos Open Access logo, converted into svg, designed by PLoS. This version with transparent background. http://commons.wikimedia.org/wiki/File:Open_Access_logo_PLoS_white.svg art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos http://www.plos.org/
Cryptography
Article . 2017 . Peer-reviewed
License: CC BY
Data sources: Crossref
image/svg+xml art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos Open Access logo, converted into svg, designed by PLoS. This version with transparent background. http://commons.wikimedia.org/wiki/File:Open_Access_logo_PLoS_white.svg art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos http://www.plos.org/
Cryptography
Article
License: CC BY
Data sources: UnpayWall
DBLP
Article . 2017
Data sources: DBLP
versions View all 3 versions
addClaim

Password-Hashing Status

Authors: George Hatzivasilis;

Password-Hashing Status

Abstract

Computers are used in our everyday activities, with high volumes of users accessing provided services. One-factor authentication consisting of a username and a password is the common choice to authenticate users in the web. However, the poor password management practices are exploited by attackers that disclose the users’ credentials, harming both users and vendors. In most of these occasions the user data were stored in clear or were just processed by a cryptographic hash function. Password-hashing techniques are applied to fortify this user-related information. The standardized primitive is currently the PBKDF2 while other widely-used schemes include Bcrypt and Scrypt. The evolution of parallel computing enables several attacks in password-hash cracking. The international cryptographic community conducted the Password Hashing Competition (PHC) to identify new efficient and more secure password-hashing schemes, suitable for widespread adoption. PHC advanced our knowledge of password-hashing. Further analysis efforts revealed security weaknesses and novel schemes were designed afterwards. This paper provides a review of password-hashing schemes until the first quarter of 2017 and a relevant performance evaluation analysis on a common setting in terms of code size, memory consumption, and execution time.

Related Organizations
Keywords

key-derivation, KDF, password-hashing, PHC, PHS

  • BIP!
    Impact byBIP!
    selected citations
    These citations are derived from selected sources.
    This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
    28
    popularity
    This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.
    Top 10%
    influence
    This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
    Top 10%
    impulse
    This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.
    Top 10%
Powered by OpenAIRE graph
Found an issue? Give us feedback
selected citations
These citations are derived from selected sources.
This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
BIP!Citations provided by BIP!
popularity
This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.
BIP!Popularity provided by BIP!
influence
This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
BIP!Influence provided by BIP!
impulse
This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.
BIP!Impulse provided by BIP!
28
Top 10%
Top 10%
Top 10%
gold