Secure applications of low-entropy keys

  • John Kelsey
  • Bruce Schneier
  • Chris Hall
  • David Wagner
Key Management
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1396)


We introduce the notion of key stretching, a mechanism to convert short s-bit keys into longer keys, such that the complexity required to brute-force search a s + t-bit keyspace is the same as the time required to brute-force search a s-bit key stretched by t bits.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [Aba97]
    M. Abadi, personal communication.Google Scholar
  2. [BDRSSTW96]
    [BDRSSTW96] M. Blaze, W. Diffie, R. Rivest, B. Schneier, T. Shimomura, E. Thompson, and M. Wiener, “Minimal Key Lengths for Symmetric Ciphers to Provide Adequate Commercial Security,” January 1996.Google Scholar
  3. [DBP96]
    H. Dobbertin, A. Bosselaers, and B. Preneel, “RIPEMD-160: A Strengthened Version of RIPEMD,” Fast Software Encryption: Third International Workshop, Cambrdige, UK, February 1996 Proceedings, Springer-Verlag, 1996, pp. 71–82.Google Scholar
  4. [H80]
    M.E. Hellman, “A Cryptanalytic Time-Memory Trade Off,” IEEE Transactions on Information Theory, v. 26, n. 4, Jul 1980, pp. 401–406.Google Scholar
  5. [Knu81]
    D. Knuth, The Art of Computer Programming: Volume 2, Seminumerical Algorithms, Addison-Wesley, 1981.Google Scholar
  6. [Man96]
    U. Manber, “A Simple Scheme to Make Passwords Based on One-Way Functions Much Harder to Crack,” Computers & Security, v. 15, n. 2, 1996, pp. 171–176.Google Scholar
  7. [MT79]
    R.H. Morris and K. Thompson, “UNIX Password Security,” Communications of the ACM, v. 22, n. 11, Nov 1979.Google Scholar
  8. [NBS77]
    National Bureau of Standards, NBS FIPS PUB 46, “Data Encryption Standard,” National Bureau of Standards, U.S. Department of Commerce, Jan 1977.Google Scholar
  9. [NIST93]
    National Institute of Standards and Technology, NIST FIPS PUB 180, “Secure Hash Standard,” U.S. Department of Commerce, May 93.Google Scholar
  10. [QDD86]
    J.-J. Quisquater, Y. Desmedt, and M. Davio, “The Importance of ‘Good’ Key Schemes (How to Make a Secure DES with ≤ 48 Bit Keys?),” Advances in Cryptology—CRYPTO '85 Proceedings, Springer-Verlag, 1986, pp. 537–542.Google Scholar
  11. [Sch96]
    B. Schneier, Applied Cryptography, Second Edition, John Wiley & Sons, 1996.Google Scholar
  12. [Tre97]
    Peter Trei, personal communication, 1997.Google Scholar
  13. [Wie94]
    M. Wiener, “Efficient DES Key Search,” TR-244, School of Computer Science, Carleton Unversity, May 1994.Google Scholar

Copyright information

© Springer-Verlag 1998

Authors and Affiliations

  • John Kelsey
    • 1
  • Bruce Schneier
    • 1
  • Chris Hall
    • 1
  • David Wagner
    • 2
  1. 1.Counterpane SystemsMinneapolis
  2. 2.Soda Hall, C.S. DivisionU. C. BerkeleyBerkeley

Personalised recommendations