From the course: CompTIA Security+ (SY0-601) Cert Prep: 3 Cryptography Design and Implementation

Unlock the full course today

Join today to access over 24,000 courses taught by industry experts.

Key stretching

Key stretching

- [Instructor] Many encryption technologies depend upon the ability to create an encryption key from a password in a way that remains strong. Key stretching technologies allow this to happen. The basic idea behind key stretching is that an algorithm takes a relatively insecure value, such as a password, and manipulates it in a way that makes it stronger and more resilient to threats like dictionary attacks. Key stretching combines two different techniques to add strength to an encryption key. First, it combines encryption keys with a value known as a salt to modify the key. This process is known as salting. Second, it hashes the resulting value to add time to the key checking process. This might be less than a second, but key stretching algorithms repeat this process hundreds or thousands of times to consume more computing power. The idea is that if a user knows the correct password, the second or two that it takes to…

Contents