Key stretching

from Wikipedia, the free encyclopedia

Key stretching is a cryptographic key derivation operation that makes a weak key, usually a password, more secure by ensuring that trying all possibilities requires more resources (time, memory). The state of the art is Argon2. PBKDF2, bcrypt and scrypt also satisfy generally accepted engineering practice, but they have known disadvantages.

Stretching techniques generally work as follows: the initial key is fed into an algorithm that generates an enhanced, stretched key. The stretched key must be long enough that it cannot be found by a brute-force attack (a length of 128 bits is usually sufficient). The stretching algorithm must be secure, that is, there must be no known way of calculating the stretched key from the initial key with less effort.

An attacker who wants to find out a stretched key has two options: either to try all the possibilities for the stretched key (practically impossible if the key is long enough), or to try all possible character combinations of the original key, stretching each one. If the initial key is a password, the attacker will usually proceed as follows: first he will try every word in a list of common passwords, then every word in the dictionary, and finally all possible combinations of characters, of increasing length, as far as his computing power and time allow. Stretching the key does not prevent this procedure, but the attacker has to spend more time per trial password because he has to stretch it.

If the attacker is using the same class of hardware as the user, each attempt will take the same amount of time it took the user to stretch the key (this time is typically on the order of a second). Even if the attacker has much larger computing resources, key stretching slows the attack down considerably because the user's computer only needs to calculate the stretch function once to process a password, while the attacker has to calculate it for every possible password they try.

There are several ways to perform key stretching. In addition to the above-mentioned algorithms such as Argon2, a cryptographic hash function or block cipher can also be applied repeatedly.
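As an added example (not part of the original article), the sketch below stretches a password to a 128-bit key by applying HMAC-SHA256 repeatedly, which is the PBKDF2 construction, and estimates what the same work factor costs someone who must stretch every candidate password. The salt parameter, the function names, the sample password and the iteration counts are assumptions chosen for illustration.

```python
import hashlib
import hmac
import time

def stretch(password: bytes, salt: bytes, iterations: int, length: int = 16) -> bytes:
    """Iterated HMAC-SHA256 (PBKDF2, single output block, so length <= 32)."""
    if iterations < 1 or not 1 <= length <= 32:
        raise ValueError("iterations must be >= 1 and length in 1..32")
    keyed = hmac.new(password, digestmod=hashlib.sha256)

    def prf(data: bytes) -> bytes:
        h = keyed.copy()
        h.update(data)
        return h.digest()

    u = prf(salt + (1).to_bytes(4, "big"))  # U_1 = PRF(password, salt || 1)
    acc = int.from_bytes(u, "big")
    for _ in range(iterations - 1):         # U_j = PRF(password, U_{j-1})
        u = prf(u)
        acc ^= int.from_bytes(u, "big")     # output is the XOR of every U_j
    return acc.to_bytes(32, "big")[:length]

def verify(password: bytes, salt: bytes, iterations: int, expected: bytes) -> bool:
    """Re-stretch the candidate and compare in constant time."""
    derived = hashlib.pbkdf2_hmac("sha256", password, salt, iterations, dklen=len(expected))
    return hmac.compare_digest(derived, expected)

def seconds_per_guess(iterations: int, runs: int = 3) -> float:
    """Best-of-N wall time for one stretch on this machine."""
    best = float("inf")
    for _ in range(runs):
        start = time.perf_counter()
        hashlib.pbkdf2_hmac("sha256", b"benchmark", b"constructed-salt", iterations, dklen=16)
        best = min(best, time.perf_counter() - start)
    return best

def exhaust_time(candidates: int, iterations: int) -> float:
    """Seconds to stretch every candidate on hardware like this machine."""
    return candidates * seconds_per_guess(iterations)

if __name__ == "__main__":
    salt, rounds = b"constructed-salt", 200_000   # constructed sample values
    key = stretch(b"correct horse", salt, 1_000)
    print(key.hex(), verify(b"correct horse", salt, 1_000, key))
    print(f"10^6 candidates at {rounds} rounds: {exhaust_time(10**6, rounds):.0f} s")
```

The hand-written loop exists to show the repeated application; in production code call `hashlib.pbkdf2_hmac` (or an Argon2 library) directly, as `verify` does.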
