1

I recently came across this term and after some research found this article which states the following:

An alternative approach, called key strengthening, extends the key with a random salt, but then (unlike in key stretching) securely deletes the salt. This forces both the attacker and legitimate users to perform a brute-force search for the salt value

That made me wonder, what's the point of using such an approach rather than the traditional key stretching? Are there any real applications employing this method?

Trey
  • 189
  • 1
  • 15

1 Answers1

2

The sources of that Wikipedia article show that the article describing key strengthening by Manber (adding a subsequently deleted salt) is from 1996, two years before the 1998 article that is given as the origin for key stretching describes (adding more iterations).

The idea there seems to have been to use the existing crypt() password hash exactly as-is, and make any modifications outside of it. From the Manber paper, p.5:

The implementation of this scheme is very easy. In particular, all changes are made as an extra filter to the login procedure, without having to modify the encryption mechanism at all.

Remember that the original crypt() didn't have any means for setting the number of rounds, but was completely fixed. (It also didn't support password longer than 8 characters, so they couldn't just append the salt, but had to apply it by "scrambling" the password with the secret salt.)

ilkkachu
  • 912
  • 6
  • 13