
How Do You Slow Down Rust? Use the PBKDF2 solution


Sorry for the confusion in the title. By “Rust” I mean the programming language, and by “the PBKDF2 solution” I mean the process of slowing down the hashing of your password.

PBKDF2 (Password-Based Key Derivation Function 2) is defined in RFC 2898 and generates a salted hash. It is often used to create an encryption key from a defined password, in such a way that the password cannot be recovered from the hashed value. TrueCrypt uses it to generate the key required to read the header information of the encrypted drive, which stores the encryption keys. It is used in many applications, such as protecting your password within Wi-Fi networks.

In many applications we need to generate an encryption key. We could create a random key, but we would then need to store it, and it could be discovered. A typical method is thus to use a Key Derivation Function (KDF) with a salt value to generate a hashed value, and then use this hash to generate the encryption key. As this method would be open to brute force, we often use a method that slows the hashing process down and defeats a hash cracker based on parallel processing. This is normally implemented using a hashing loop, where we hash over a number of rounds. Typical methods are PBKDF2, bcrypt and scrypt, as these are more robust against…
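The hashing loop described above, written out as an added example that is not code from the original article: it uses Python's standard library rather than Rust so that it needs no external crates, and it follows RFC 2898 with HMAC-SHA256 as the PRF. The function names, the 16-byte salt length and the sample password are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import struct
import time


def pbkdf2_sha256(password: bytes, salt: bytes, rounds: int, dklen: int = 32) -> bytes:
    """PBKDF2 (RFC 2898, section 5.2) with HMAC-SHA256 as the PRF."""
    hlen = hashlib.sha256().digest_size
    out = b""
    for i in range(1, -(-dklen // hlen) + 1):  # one block per hlen bytes of key
        # U_1 = PRF(password, salt || INT_32_BE(i))
        u = hmac.new(password, salt + struct.pack(">I", i), hashlib.sha256).digest()
        t = int.from_bytes(u, "big")
        # U_j = PRF(password, U_{j-1}); each round needs the previous output,
        # so the rounds for one guess cannot be computed side by side.
        for _ in range(rounds - 1):
            u = hmac.new(password, u, hashlib.sha256).digest()
            t ^= int.from_bytes(u, "big")  # T_i = U_1 xor ... xor U_rounds
        out += t.to_bytes(hlen, "big")
    return out[:dklen]


def make_record(password: str, rounds: int):
    """Return (salt, rounds, key); the salt is random and stored in the clear."""
    salt = os.urandom(16)  # assumed salt length for this example
    return salt, rounds, pbkdf2_sha256(password.encode(), salt, rounds)


def verify(password: str, record) -> bool:
    salt, rounds, key = record
    candidate = pbkdf2_sha256(password.encode(), salt, rounds)
    return hmac.compare_digest(candidate, key)  # constant-time comparison


if __name__ == "__main__":
    # Constructed sample password; cost grows linearly with the round count.
    for rounds in (1, 1_000, 100_000):
        start = time.perf_counter()
        pbkdf2_sha256(b"qwerty123", b"constructed-salt", rounds)
        print(f"{rounds:>7} rounds: {time.perf_counter() - start:.4f} s")
```

Running the file directly prints the time per derivation for each round count, which is the slow-down every password guess has to pay.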


Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice
