undefined | Better HN

0 pointsp4bl011y ago0 comments

> Also, you don't use hashes to store passwords, you use KDFs.

Well, technically a hash can be seen as a particular key derivation function (KDF). Not a proper one for the purpose of storing passwords I agree, but then most KDFs are built using salt + an iteration of hash functions, to my knowledge at least (which I admit is not very deep on the subject).

0 comments

tptacek11y ago

A hash serves as the PRF in a KDF construction; it's a building block, not a subset.

j / k navigate · click thread line to collapse

0 pointsp4bl011y ago0 comments

> Also, you don't use hashes to store passwords, you use KDFs.

0 comments

tptacek11y ago

A hash serves as the PRF in a KDF construction; it's a building block, not a subset.

j / k navigate · click thread line to collapse