Skip to main content

8. Security Considerations

8. Security Considerations

Password-based cryptography is generally limited in the security that it can provide, particularly for methods such as those defined in this document where offline password search is possible. While the use of salt and iteration count can increase the complexity of attack (see Section 4 for recommendations), it is essential that passwords are selected well, and relevant guidelines (e.g., [NISTSP63]) should be taken into account. It is also important that passwords be protected well if stored.

In general, different keys should be derived from a password for different uses to minimize the possibility of unintended interactions. For password-based encryption with a single algorithm, a random salt is sufficient to ensure that different keys will be produced. In certain other situations, as outlined in Section 4, a structured salt is necessary. The recommendations in Section 4 should thus be taken into account when selecting the salt value.

For information on security considerations for MD2 [RFC1319], see [RFC6149]; for MD5 [RFC1321], see [RFC6151]; and for SHA-1 [NIST180], see [RFC6194].

Last updated on