Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Subject: Re: Extracting Entropy?
From: Peter Gutmann (pgut001cs.auckland.ac.nz)
Date: Tue Jun 20 2000 - 11:32:45 CDT

Ben Laurie <benalgroup.co.uk> writes:

>OK, so if I've got a passphrase of arbitrary length, and I wish to
>condense it to make a key of length n bits (n > 160), what's the
>approved method(s) of doing that?

PKCS #5 v2 probably contains the best key derivation mechanism, followed
closely by TLS, then SSL, eventually PGP iterated and salted S2K, and then you
sink into this kind of morass of cruft (PKCS #12, X9.42, CMP, other PGP
variants), and beyond that assorted ad-hoc methods (a single pass through
SHA-1, no salt). Everyone seems to find it necessary to reinvent their own key
derivation mechanism, so there's lots to choose from :-).