|
|
|
@ -1,4 +1,4 @@ |
|
|
|
.\" $OpenBSD: bcrypt_pbkdf.3,v 1.4 2013/06/05 04:01:53 tedu Exp $ |
|
|
|
.\" $OpenBSD: bcrypt_pbkdf.3,v 1.5 2014/09/27 06:40:07 doug Exp $ |
|
|
|
.\" |
|
|
|
.\" Copyright (c) 2012 Ted Unangst <tedu@openbsd.org> |
|
|
|
.\" |
|
|
|
@ -14,7 +14,7 @@ |
|
|
|
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
|
|
|
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
|
|
|
.\" |
|
|
|
.Dd $Mdocdate: June 5 2013 $ |
|
|
|
.Dd $Mdocdate: September 27 2014 $ |
|
|
|
.Dt BCRYPT_PBKDF 3 |
|
|
|
.Os |
|
|
|
.Sh NAME |
|
|
|
@ -37,7 +37,7 @@ The salt value should be randomly generated beforehand. |
|
|
|
The repeated hashing is designed to thwart discovery of the key via |
|
|
|
password guessing attacks. |
|
|
|
The higher the number of rounds, the slower each attempt will be. |
|
|
|
.\" A minimum value of at least 1000 is recommended. |
|
|
|
.\" A minimum value of at least 4 is recommended. |
|
|
|
.Sh RETURN VALUES |
|
|
|
The |
|
|
|
.Fn bcrypt_pbkdf |
|
|
|
@ -64,4 +64,6 @@ function returns 0 to indicate success and \-1 for failure. |
|
|
|
.Sh CAVEATS |
|
|
|
This implementation deviates slightly from the PBKDF2 standard by mixing |
|
|
|
output key bits nonlinearly. |
|
|
|
By mixing the output bytes together, we require an attacker to perform |
|
|
|
all of the work without taking any shortcuts. |
|
|
|
.\" .Sh BUGS |
doug
10 years ago