From the course: CompTIA Security+ (SY0-701) Cert Prep: 1 General Security Concepts
Join today to access over 23,200 courses taught by industry experts.
Key stretching
From the course: CompTIA Security+ (SY0-701) Cert Prep: 1 General Security Concepts
Key stretching
Many encryption technologies depend upon the ability to create an encryption key from a password in a way that remains strong. Key stretching technologies allow this to happen. The basic idea behind key stretching is that an algorithm takes a relatively insecure value, such as a password, and manipulates it in a way that makes it stronger and more resilient to threats like dictionary attacks. Key stretching combines two different techniques to add strength to an encryption key. First, it combines encryption keys with a value known as a salt to modify the key. This process is known as salting. Second, it hashes the resulting value to add time to the key-checking process. This might be less than a second, but key stretching algorithms repeat this process hundreds or thousands of times to consume more computing power. The idea is that if a user knows the correct password, the second or two that takes to verify the password is not a big deal. However, if an attacker is trying to guess the…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.